如何将使用 PuTTYgen (Windows) 生成的 SSH 密钥对转换为 ssh-agent 和 Keychain (Linux) 使用的密钥对
我已使用 PuTTYgen 生成密钥对并使用 Pageant 登录,因此系统启动时只需输入一次密码。
我如何在 Linux 中实现这一点?我听说过keychain,但我听说它使用不同的密钥对格式 - 我不想更改我的 Windows 密钥,如果我能够以相同的方式无缝连接,那就太好了Windows 和 Linux 均可。
I've generated key pairs using PuTTYgen and been logging in using Pageant, so that I have to enter my pass-phrase only once when my system boots.
How do I achieve this in Linux? I've heard of keychain but I hear that it uses a different key pair format - I don't want to change my Windows keys and it would be nice if I could seamlessly connect in the same manner in both Windows and Linux.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(10)
较新版本的 PuTTYgen (我的是 0.64)能够在
.ssh/authorized_keys文件中显示要粘贴到 Linux 系统中的 OpenSSH 公钥,如下图所示:Newer versions of PuTTYgen (mine is 0.64) are able to show the OpenSSH public key to be pasted in the linux system in the
.ssh/authorized_keysfile, as shown in the following image:或者,如果您想从 PuTTY 格式的密钥文件中获取私钥和公钥,您可以在 *nix 系统上使用 puttygen。对于大多数基于 apt 的系统,puttygen 是 putty-tools 包的一部分。
从 PuTTY 格式的密钥文件输出私钥:
$ puttygen keyfile.pem -O private-openssh -o avdev.pvk对于公钥:
$ puttygen keyfile.pem -LAlternatively if you want to grab the private and public keys from a PuTTY formated key file you can use
puttygenon *nix systems. For most apt-based systemsputtygenis part of theputty-toolspackage.Outputting a private key from a PuTTY formated keyfile:
$ puttygen keyfile.pem -O private-openssh -o avdev.pvkFor the public key:
$ puttygen keyfile.pem -L这将自动安装 puttygen 工具。
现在要转换要与 SSH 命令一起使用的 PPK 文件,请在终端中执行以下命令
然后,您可以通过 SSH 连接:
http://www.graphicmist.in/use-your-putty-ppk-file-to-ssh-remote-服务器在ubuntu/#comment-28603
This will automatically install the puttygen tool.
Now to convert the PPK file to be used with SSH command execute the following in terminal
Then, you can connect via SSH with:
http://www.graphicmist.in/use-your-putty-ppk-file-to-ssh-remote-server-in-ubuntu/#comment-28603
我最近在从 Putty for Linux 迁移到 Remmina for Linux 时遇到了这个问题。因此,我的
.putty目录中有很多 Putty 的 PPK 文件,因为我已经使用 Putty 8 年了。为此,我使用了 bash shell 的一个简单的for命令来处理所有文件:非常快速且切中要害,完成了 putty 拥有的所有文件的工作。如果它发现带有密码的密钥,它将停止并首先询问该密钥的密码,然后继续。
I recently had this problem as I was moving from Putty for Linux to Remmina for Linux. So I have a lot of PPK files for Putty in my
.puttydirectory as I've been using it's for 8 years. For this I used a simpleforcommand for bash shell to do all files:Very quick and to the point, got the job done for all files that putty had. If it finds a key with a password it will stop and ask for the password for that key first and then continue.
在 Linux 下创建密钥并使用 PuTTYgen 将密钥转换为 PuTTY 格式可能更容易。
PuTTY 常见问题解答:A.2.2
It's probably easier to create your keys under linux and use PuTTYgen to convert the keys to PuTTY format.
PuTTY Faq: A.2.2
我认为 TCSgrad(几年前)试图问的是如何让 Linux 的行为就像他的 Windows 机器一样。也就是说,有一个代理(选美)持有私钥的解密副本,因此密码只需输入一次。然后,ssh 客户端 putty 可以登录其公钥被列为“已授权”的计算机,而无需密码提示。
与此类似的是,Linux充当 ssh 客户端,有一个代理持有解密的私钥,这样当 TCSgrad 键入“ssh 主机”时,ssh 命令将获取他的私钥,并且无需被加密。提示输入密码。当然,主机必须将公钥保存在 ~/.ssh/authorized_keys 中。
Linux 对此场景的模拟是使用 ssh-agent (选美模拟)和 ssh-add (模拟向选美添加私钥)来完成的。
对我有用的方法是使用:
$ ssh-agent $SHELL
$SHELL 是我让代理运行并保持运行所需的魔术。我在网上的某个地方发现了这一点,这结束了我几个小时的头撞墙。
现在我们有一个类似选美比赛的运行,一个没有加载密钥的代理。
打字
$ ssh-添加
其本身将添加(默认情况下) ~/.ssh 中默认身份文件中列出的私钥。
可以在此处找到包含更多详细信息的网络文章
I think what TCSgrad was trying to ask (a few years ago) was how to make Linux behave like his Windows machine does. That is, there is an agent (pageant) which holds a decrypted copy of a private key so that the passphrase only needs to be put in once. Then, the ssh client, putty, can log in to machines where his public key is listed as "authorized" without a password prompt.
The analog for this is that Linux, acting as an ssh client, has an agent holding a decrypted private key so that when TCSgrad types "ssh host" the ssh command will get his private key and go without being prompted for a password. host would, of course, have to be holding the public key in ~/.ssh/authorized_keys.
The Linux analog to this scenario is accomplished using ssh-agent (the pageant analog) and ssh-add (the analog to adding a private key to pageant).
The method that worked for me was to use:
$ ssh-agent $SHELL
That $SHELL was the magic trick I needed to make the agent run and stay running. I found that somewhere on the 'net and it ended a few hours of beating my head against the wall.
Now we have the analog of pageant running, an agent with no keys loaded.
Typing
$ ssh-add
by itself will add (by default) the private keys listed in the default identity files in ~/.ssh .
A web article with a lot more details can be found here
PPK → OpenSSH RSA 与 PuttyGen &码头工人。
私钥:
公钥:
另请参阅 https://hub.docker.com/r/zinuzoid/普蒂根
PPK → OpenSSH RSA with PuttyGen & Docker.
Private key:
Public key:
See also https://hub.docker.com/r/zinuzoid/puttygen
甚至比重新打开 puttygen 还要快,我经常做的是:
Even faster than reopening puttygen, what I have often done is:
puttygen 支持将私钥导出为 OpenSSH 兼容格式。然后,您可以使用 OpenSSH 工具重新创建公钥。
Conversions->Export OpenSSH并导出您的私钥~/.ssh/id_dsa(或id_rsa)。使用
ssh-keygen创建 RFC 4716 版本的公钥将 RFC 4716 版本的公钥转换为 OpenSSH 格式:
请参阅 此和此了解更多信息。
puttygensupports exporting your private key to an OpenSSH compatible format. You can then use OpenSSH tools to recreate the public key.Conversions->Export OpenSSHand export your private key~/.ssh/id_dsa(orid_rsa).Create the RFC 4716 version of the public key using
ssh-keygenConvert the RFC 4716 version of the public key to the OpenSSH format:
See this and this for more information.
如果您拥有的只是 PuTTY 样式格式的用户公钥,您可以将其转换为标准 openssh 格式,如下所示:
参考资料
http://www.treslervania.com/node/408文章副本
If all you have is a public key from a user in PuTTY-style format, you can convert it to standard openssh format like so:
References
http://www.treslervania.com/node/408Copy of article