Juniper SSH Public Key Access_西索

http://blog.sina.com.cn/u/2127942971

首页博文目录关于我

个人资料

微博

加好友发纸条

写留言加关注

博客等级：
博客积分：

博客访问：
关注人气：
获赠金笔：0支
赠出金笔：0支
荣誉徽章：

正文字体大小：大中小

Juniper SSH Public Key Access

(2017-12-11 11:58:51)

标签：

juniper

network

ssh

public

公钥

分类： Juniper技术学习

通过在VMX上模拟SSH 公共密钥登录。

参考链接： https://kb.juniper.net/InfoCenter/index?page=content&id=KB21577

1. 通过在%上生成公共和私有的密钥对

[edit]

root@JNCIE-R1# run start shell

root@JNCIE-R1% ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key (/root/.ssh/id_rsa):

/root/.ssh/id_rsa already exists.

Overwrite (y/n)? y

Enter passphrase (empty for no passphrase): ###直接回车####

Enter same passphrase again:

Your identification has been saved in /root/.ssh/id_rsa.

Your public key has been saved in /root/.ssh/id_rsa.pub.

The key fingerprint is:

e4:f4:35:80:b0:83:27:3a:e2:b7:1d:a9:bf:ad:f3:80 root@JNCIE-R1

The key's randomart image is:

+--[ RSA 2048]----+

| .. .. |

| . .. . |

| o + o o |

| . o = . . . |

|. o S . |

|.. .. . |

| . E + |

| . +.+ |

| o.==o |

+-----------------+

2. 显示当有的公共和私有的密钥对

root@JNCIE-R1% cat id_rsa

-----BEGIN RSA PRIVATE KEY-----

MIIEogIBAAKCAQEAscpifmkuCgZz6eZtl9VESkFC86FljpQqlbDXZgxQH3h2SCKV

R2+nu0hpMDt0atz12i1nR1XQiMMPU0JcVwPOq+ECzS7fwXR0rQK/Mex8TGu3blGV

1AuLMHuVq3ZeCU7cIU+/aC5rwQkRJEnVJVcgY221uCvSBW5rr3gfNlfl2Y2KKmMs

9/60rFtiIL35I1Q1P8RtPlIEKgemwCDSnK9K01Bz1ruw7kJuOOkyh/vinqe8/+PH

cseCsYnOUM6VFhYKEj2ZVl5hR21ynKNrotISxkW789l29FUIQc6cJ9cJmgbu1P7X

xEe39qSM7xz8cW53VGrXb+z8+K88oy3TdPm8uwIDAQABAoIBAEUpK4NtOwGfXPwC

LWPBDJ2uIXNQt4btUFuGvWPvKkPzwl9xRIzTfHY4RuMCXdksN182BlUTptlst8t1

pyIaUw09rK9Qqq5AtRqQVPwAuKGpzWNWzWf9TZoAmUpn81C/opY6xYSrejNPaaGq

LwYljG3hQa1xLnP6bl2F5u5m5vznkatz5GoHXVuVN1EFWiV1qaK7OP4GUHHtXNCe

VrE5ALgjD3AiO2XfvcuOC3N/2fbxFLsLNrFgUg/BU1l6U1+LkEc6KFDXcxqjdE/s

tuSbcpd1NjTeksuth7NR1GJzgj6ZJsspzuL3ILF3dNapholim/jz2BeDKZBdLHWB

iL2pnqECgYEA63P0Cv4ZVq34dJ+BvE5be0D9/d/zjkzE7k2Vu2f4ttzVOFTg73SQ

vIVf5tf+iVX5ZEY1IUFOae8Jbg4hmVeZXHCH+nWeLwcuD7v62DifDvALhIAju60e

CNeqRHFoY9FwRkzrvJ5OOHKAd7ddJ1FM2y060WScZ+vxv5ESq/xQujkCgYEAwU4/

QXzHteNea4tZumI35awQZ3F+v9klQEUfrDoy7vfejEULyJBL2xRmI9jYhYoKjTiw

THSuYgreAz9OFPhG5bdLYqN1loFU3ZyqrSXu5qWbqdhHTDIaqqe4vXN53fmjPIqP

FDEZvClNpuZZQXwuVD1ceivlqzTMdlsrLZWtPpMCgYBzCKS71idlDPwtZlzJNnNF

hZxSM99Xr7QrRWaZOBPwq3XU3stC0m2AXZ1cOD0YthNxZUfB5pk78lhmF6tcssqv

uh8FQ/+ztEtRzqKgjxFPCAJoiv5qTAs3gL6kT9ATrJixEBXAgotu0qpnUwPFGNh2

4OMyuHgd4c2rrWI0+sIqKQKBgBGjbiovlJmIMalmgb18ENWoKacGuCYRTlDa/dTd

SqB7hZcPBdA7OnC3H8rNkpQ80FGqhouzaeYQT8nEEP/g17dGTl6lw6kEDBZcoUZD

W9U370hEL91IBR7lRvoie1BB4x83FW8mO87rheZgxmwvRJrzLmkHcGF649043GvA

aJp5AoGAd6TkoP88xYZsqgmfzSufCy+DiXEHZVS9fhRliO7+uHFzcXD1CruAsbZk

Rb/mooM/Q4ZjI+5BqhhqrcUUg053LhQj5iYiMnSDf278jqZPHcBDQjbpPjF+TF1w

Q/02pnA1BI0gty11dkMkog741dqRznIsD281FkVSJCcl/Me5XSU=

-----END RSA PRIVATE KEY-----

root@JNCIE-R1% cat id_rsa.pub

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCxymJ+aS4KBnPp5m2X1URKQULzoWWOlCqVsNdmDFAfeHZIIpVHb6e7SGkwO3Rq3PXaLWdHVdCIww9TQlxXA86r4QLNLt/BdHStAr8x7HxMa7duUZXUC4swe5Wrdl4JTtwhT79oLmvBCREkSdUlVyBjbbW4K9IFbmuveB82V+XZjYoqYyz3/rSsW2IgvfkjVDU/xG0+UgQqB6bAINKcr0rTUHPWu7DuQm446TKH++Kep7z/48dyx4Kxic5QzpUWFgoSPZlWXmFHbXKco2ui0hLGRbvz2Xb0VQhBzpwn1wmaBu7U/tfER7f2pIzvHPxxbndUatdv7Pz4rzyjLdN0+by7 root@JNCIE-R1

3. 创建用户Public关联公共密钥对

[edit]

root@JNCIE-R1# set system login user public class super-user authentication load-key-file /root/.ssh/id_rsa.pub

[edit]

root@JNCIE-R1# show system login user public | display set

set system login user public uid 2004

set system login user public class super-user

set system login user public authentication ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCxymJ+aS4KBnPp5m2X1URKQULzoWWOlCqVsNdmDFAfeHZIIpVHb6e7SGkwO3Rq3PXaLWdHVdCIww9TQlxXA86r4QLNLt/BdHStAr8x7HxMa7duUZXUC4swe5Wrdl4JTtwhT79oLmvBCREkSdUlVyBjbbW4K9IFbmuveB82V+XZjYoqYyz3/rSsW2IgvfkjVDU/xG0+UgQqB6bAINKcr0rTUHPWu7DuQm446TKH++Kep7z/48dyx4Kxic5QzpUWFgoSPZlWXmFHbXKco2ui0hLGRbvz2Xb0VQhBzpwn1wmaBu7U/tfER7f2pIzvHPxxbndUatdv7Pz4rzyjLdN0+by7 root@JNCIE-R1"

4. 将步骤2中显示的公共和私有的密钥对，复制出来，放在PC客户端的同一个文件夹下

http://s11/mw690/002k0DaPzy7guuxLNweea&690SSH Public Key Access" TITLE="Juniper SSH Public Key Access" />

5. 设备CRT，关联公钥对

http://s13/mw690/002k0DaPzy7guuAShSQdc&690SSH Public Key Access" TITLE="Juniper SSH Public Key Access" />

6. 使用用户10.0.29.4登录连接时，无密码直接进入设备

http://s16/mw690/002k0DaPzy7guuBXFuf2f&690SSH Public Key Access" TITLE="Juniper SSH Public Key Access" />

[edit]

root@JNCIE-R1# run show log messages| last 1

Nov 29 17:32:01 JNCIE-R1 sshd[68213]: Accepted publickey for public from 10.0.29.251 port 52849 ssh2: RSA e4:f4:35:80:b0:83:27:3a:e2:b7:1d:a9:bf:ad:f3:80

阅读┊ 收藏 ┊ 喜欢 ▼ ┊打印┊举报/Report

前一篇：Juniper archival

后一篇：Juniper MAC Address

新浪BLOG意见反馈留言板　欢迎批评指正