我想在远程服务器上安装一个新的公钥。我ssh-keygen -t rsa
在 Macbook 上使用创建了一个密钥对,然后将其公钥添加到authorized_keys
远程服务器上。它是该文件中剩下的唯一公钥:
user@remote:~/.ssh$ cat authorized_keys
AAAAB3NzaC1yc2EAAAADAQABAAABAQCwNctIMgFSrvxrB/fX0eN2ew/nSHZWvY7gT3/wuZ3IpnumYtOA62Telc8M9tLu3bLsuh3O+/duhKTkW58jyEp2W8cC8hy+bWdZRvaV1jdBKtOyKb+KMFELWdxFFHd6PdMz+D9ElmDQlDqe2/Kw7SCjDiLnnuJbjoB+DycbPnlEMsecZAK73anlwfzs5iV6pzdqJw1u8+n4w6cpqgZJ6nyAIWhxxN3Ii0/H3Fbe5XiYezJJi4jtAmtLPd6JxoX17pNqtEl8dlI7rp4exq+HfVDVzKjRRA5fdyUmuWYrscBPrI/5Djvr+vJS3OizzZNdtXeuXbqT+89exjaswR2XEU/p
在本地,虽然我保留了旧密钥,但这是我的新公钥:
local:.ssh user$ cat id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCwNctIMgFSrvxrB/fX0eN2ew/nSHZWvY7gT3/wuZ3IpnumYtOA62Telc8M9tLu3bLsuh3O+/duhKTkW58jyEp2W8cC8hy+bWdZRvaV1jdBKtOyKb+KMFELWdxFFHd6PdMz+D9ElmDQlDqe2/Kw7SCjDiLnnuJbjoB+DycbPnlEMsecZAK73anlwfzs5iV6pzdqJw1u8+n4w6cpqgZJ6nyAIWhxxN3Ii0/H3Fbe5XiYezJJi4jtAmtLPd6JxoX17pNqtEl8dlI7rp4exq+HfVDVzKjRRA5fdyUmuWYrscBPrI/5Djvr+vJS3OizzZNdtXeuXbqT+89exjaswR2XEU/p
如您所见,这是添加到远程服务器上的密钥authorized_keys
。为了方便起见,下面是我的旧公钥的内容,只是为了显示它们完全不同:
local:.ssh user$ cat id_rsa_alt.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJMTXjgk8KMUQpiOnx9R5gTDQhFUQbUPZCvrCbQXIIRP4I7MfhqDEWUqnsobOxeYXXtyV0s116iFwvc/4DaWCWQEcuvIcRiRekQRgqELJJfbSdXR70OyBQWn1SpVKbD93Ww2KE+KomrYl0Ocl92GGw39tr2Eyl0qNM/5MBiZk4Nm8cEM/NhROesj8Uj2dNDh9AheC9eGSFdCkS7l+F2+dpZc2aIGgbkQtortIE41hu3yZl/EnQlXIQU2OiOxdm9jROm6ndh5OQn8/e5JH8CyExjRnSCH+/XlqfSVujaXjPaM5rBNQlzIxdjjrFkg4MxE4g/QFF9g60e37ed43QSAcH
当然,我可以使用新密钥进行连接,但我的旧密钥仍然有效:
local:~ user$ ssh -i .ssh/id_rsa_alt user@remote
Linux lxhalle 2.6.32-52-server #114-Ubuntu SMP Wed Sep 11 19:06:34 UTC 2013 x86_64 GNU/Linux
Ubuntu 10.04.4 LTS
Welcome to the Ubuntu Server!
* Documentation: http://www.ubuntu.com/server/doc
Last login: Thu Nov 7 10:51:23 2013 from IP
这是怎么回事?我还需要做什么才能取消授权一个键,除了从中移除它authorized_keys
?