对于以下假的关键,与将 ssh 密钥添加到 google 计算云项目:
thufir@mordor:~$ ssh-keygen -t rsa -b 768 -f ~/.ssh/gcloud -C thufir
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/thufir/.ssh/gcloud.
Your public key has been saved in /home/thufir/.ssh/gcloud.pub.
The key fingerprint is:
SHA256:pS6ohohbMBD4cQi+s19JyhCuYT+GeSx+uvhzcqnMb2s thufir
The key's randomart image is:
+----[RSA 768]----+
|+. . |
|o.o . |
|.+ o . |
|o + o |
|+* . S |
|o+X o... |
|+*.O.+. . |
|*+OoE . |
|oBX@o. |
+----[SHA256]-----+
thufir@mordor:~$
thufir@mordor:~$ nano .ssh/gcloud.pub
thufir@mordor:~$ cat .ssh/gcloud.pub
thufir:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQCy904Zqx4BvR+bXEH5wgdbO2B6pKem9ZV7yzouTP2XawO7y9xfGmKnxPoUrDbdc5l/MLSkOiXZd9o3UYwD3I+XfuSTg/1+S/QC5CACQxymiJWav3w+zCBVO5rSnr4IkOM= thufir google-ssh {"userName":"thufir","expireOn":"2018-12-04T20:12:00+0000"}
thufir@mordor:~$
thufir@mordor:~$ gcloud compute instances add-metadata <instance_name> --metadata-from-file ssh-keys=.ssh/gcloud.pub
Updated [https://www.googleapis.com/compute/v1/projects/<instance>/zones/<zone>/instances/<instance_name>].
thufir@mordor:~$
thufir@mordor:~$ ssh gcloud
The authenticity of host '<ip_address> (<ip_address>)' can't be established.
ECDSA key fingerprint is SHA256:0s0rx7SXvhpJHj1owMgPVBpNUojx8vZ5kR9erw3AujA.
Are you sure you want to continue connecting (yes/no)? ^C
thufir@mordor:~$
thufir@mordor:~$ rm .ssh/
config gcloud gcloud.pub
thufir@mordor:~$ rm .ssh/
config gcloud gcloud.pub
thufir@mordor:~$
thufir@mordor:~$
thufir@mordor:~$ ssh -v gcloud
OpenSSH_6.9p1 Ubuntu-2ubuntu0.1, OpenSSL 1.0.2d 9 Jul 2015
debug1: Reading configuration data /home/thufir/.ssh/config
debug1: /home/thufir/.ssh/config line 1: Applying options for gcloud
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to <ip_address> [<ip_address>] port 22.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file /home/thufir/.ssh/google_compute_engine.pub type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/thufir/.ssh/google_compute_engine.pub-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.9p1 Ubuntu-2ubuntu0.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.7p1 Debian-5+deb8u2
debug1: match: OpenSSH_6.7p1 Debian-5+deb8u2 pat OpenSSH* compat 0x04000000
debug1: Authenticating to <ip_address>:22 as 'thufir@mordor'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client [email protected] <implicit> none
debug1: kex: client->server [email protected] <implicit> none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:0s0rx7SXvhpJHj1owMgPVBpNUojx8vZ5kR9erw3AujA
The authenticity of host '<ip_address> (<ip_address>)' can't be established.
ECDSA key fingerprint is SHA256:0s0rx7SXvhpJHj1owMgPVBpNUojx8vZ5kR9erw3AujA.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '<ip_address>' (ECDSA) to the list of known hosts.
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/thufir/.ssh/google_compute_engine.pub
no such identity: /home/thufir/.ssh/google_compute_engine.pub: No such file or directory
debug1: No more authentication methods to try.
Permission denied (publickey).
密钥格式是否错误?是不是我上传的不正确?我还尝试了删除= thufir之后的变化key_value,或者仅删除thufir并保留=。我一定是误读了添加通过 ssh 命令生成的密钥的说明,因为这些说明:
ssh-keygen -t rsa -f ~/.ssh/[KEY_FILE_NAME] -C [USERNAME]
似乎创建了与方向不兼容的密钥,因为有一个尾随= thufir.应该删除它吗?
这只是一个虚拟密钥,我删除gcloud了gcloud.pub。