ssh下常用操作汇总（good）

1. 安装git，从程序目录打开 "Git Bash" 

2. 键入命令：ssh-keygen -t rsa -C "email@email.com"

  "email@email.com"是github账号

3. 提醒你输入key的名称，输入如id_rsa //如果只输入文件名，则文件会生成在当前目录下。 2，3两步可以合成一个命令 ssh-keygen -t rsa -C "email@email.com" -f github-rsa 会生成github-rsa和github-rsa.pub两个文件。这种的话，可以用不同的密钥对应不同的ssh服务器

4. 在C:\Documents and Settings\Administrator\下产生两个文件：id_rsa和id_rsa.pub

5. 把4中生成的密钥文件复制到C:\Documents and Settings\Administrator\.ssh\ 目 录下。

6. 用记事本打开id_rsa.pub文件，复制内容，在github.com的网站上到ssh密钥管理页面，添加新公钥，随便取个名字，内容粘贴刚才复制的内容。

7. ^_^ OK了

需要注意步骤2中产生的密钥文件在当前用户的根目录，必须把这两个文件放到当前用户目录的“.ssh”目录下才能生效。

在windows中只能在命令行下输入创建"."开头的文件夹。命令为 mkdir .ssh
http://www.cnblogs.com/igrl/archive/2010/09/17/1829358.html

我们在日常工作中会遇到公司有个gitlab，还有些自己的一些项目放在github上。这样就导致我们要配置不同的ssh-key对应不同的环境。下面我们来看看具体的操作：

1，生成一个公司用的SSH-Key
$ ssh-keygen -t rsa -C "youremail@yourcompany.com” -f ~/.ssh/id-rsa

在~/.ssh/目录会生成id-rsa和id-rsa.pub私钥和公钥。 我们将id-rsa.pub中的内容粘帖到公司gitlab服务器的SSH-key的配置中。

2，生成一个github用的SSH-Key

$ ssh-keygen -t rsa -C "youremail@your.com” -f ~/.ssh/github-rsa
在~/.ssh/目录会生成github-rsa和github-rsa.pub私钥和公钥。 我们将github-rsa.pub中的内容粘帖到github服务器的SSH-key的配置中。

3，添加私钥

$ ssh-add ~/.ssh/id_rsa $ ssh-add ~/.ssh/id_rsa_github
如果执行ssh-add时提示"Could not open a connection to your authentication agent"，可以现执行命令：

$ ssh-agent bash
然后再运行ssh-add命令。

# 可以通过 ssh-add -l 来确私钥列表
$ ssh-add -l
# 可以通过 ssh-add -D 来清空私钥列表
$ ssh-add -D

测试
$ ssh -T git@github.com
输出
Hi stefzhlg! You've successfully authenticated, but GitHub does not provide shell access.
就表示成功的连上github了.也可以试试链接公司的gitlab.

ssh -v user@host //可输出ssh过程的详细信息

ssh -v 10.1.1.158
.OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 10.1.1.158 [10.1.1.158] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/identity-cert type -1
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
The authenticity of host '10.1.1.158 (10.1.1.158)' can't be established.
RSA key fingerprint is 3f:6f:11:ff:b7:5e:f7:63:57:ec:22:91:ca:9e:9c:e3.
Are you sure you want to continue connecting (yes/no)? y
Please type 'yes' or 'no': yes
Warning: Permanently added '10.1.1.158' (RSA) to the list of known hosts.
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure.  Minor code may provide more information
Cannot determine realm for numeric host address

debug1: Unspecified GSS failure.  Minor code may provide more information
Cannot determine realm for numeric host address

debug1: Unspecified GSS failure.  Minor code may provide more information

debug1: Unspecified GSS failure.  Minor code may provide more information
Cannot determine realm for numeric host address

debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/identity
debug1: Trying private key: /root/.ssh/id_rsa
debug1: Trying private key: /root/.ssh/id_dsa
debug1: Trying private key: /root/.ssh/id_ecdsa
debug1: Next authentication method: password
root@10.1.1.158's password: 

ssh 

     /etc/ssh/ssh_known_hosts
             Systemwide list of known host keys.  This file should be prepared
             by the system administrator to contain the public host keys of
             all machines in the organization.  It should be world-readable.
             See sshd(8) for further details of the format of this file.

     ~/.ssh/
             This directory is the default location for all user-specific con-
             figuration and authentication information.  There is no general
             requirement to keep the entire contents of this directory secret,
             but the recommended permissions are read/write/execute for the
             user, and not accessible by others.

     ~/.ssh/authorized_keys
             Lists the public keys (RSA/ECDSA/DSA) that can be used for log-
             ging in as this user.  The format of this file is described in
             the sshd(8) manual page.  This file is not highly sensitive, but
             the recommended permissions are read/write for the user, and not
             accessible by others.

     ~/.ssh/config
             This is the per-user configuration file.  The file format and
             configuration options are described in ssh_config(5).  Because of
             the potential for abuse, this file must have strict permissions:
             read/write for the user, and not accessible by others.

     ~/.ssh/environment
             Contains additional definitions for environment variables; see
             ENVIRONMENT, above.

     ~/.ssh/identity
     ~/.ssh/id_dsa
     ~/.ssh/id_ecdsa
     ~/.ssh/id_rsa
             Contains the private key for authentication.  These files contain
             sensitive data and should be readable by the user but not acces-
             sible by others (read/write/execute).  ssh will simply ignore a
             private key file if it is accessible by others.  It is possible
             to specify a passphrase when generating the key which will be
             used to encrypt the sensitive part of this file using 3DES.

     ~/.ssh/identity.pub
     ~/.ssh/id_dsa.pub
     ~/.ssh/id_ecdsa.pub
     ~/.ssh/id_rsa.pub
             Contains the public key for authentication.  These files are not
             sensitive and can (but need not) be readable by anyone.

     ~/.ssh/known_hosts
             Contains a list of host keys for all hosts the user has logged
             into that are not already in the systemwide list of known host
             keys.  See sshd(8) for further details of the format of this
             file.

     ~/.ssh/rc
             Commands in this file are executed by ssh when the user logs in,
             just before the user’s shell (or command) is started.  See the
             sshd(8) manual page for more information.

免密码登陆

http://www.cnblogs.com/softidea/p/5447539.html

Linux SSH常用总结（转）

http://www.cnblogs.com/softidea/p/4303157.html

 http://www.cnblogs.com/softidea/p/4523136.html

http://www.cnblogs.com/softidea/p/5308405.html

http://www.cnblogs.com/softidea/p/4710513.html

解决linux中ssh登录Warning:Permanently added (RSA) to the list of known hosts
原因：
在执行scp id_rsa.pub root@hostname:/root/.ssh这一步时，没在本机的/root/.ssh下生成known_hosts文件。

解决方案：
vi /etc/ssh/ssh_config
最后有两行是
StrictHostKeyChecking no
UserKnownHostsFile /dev/null
把这两行注释掉并保存文件
再次执行scp id_rsa.pub root@host141:/root/.ssh
出现提示
The authenticity of host 'host141 (172.20.0.141)' can't be established.
RSA key fingerprint is a0:09:89:d2:3b:aa:91:60:59:7f:7f:bc:03:31:b0:09.
Are you sure you want to continue connecting (yes/no)?
输入yes后，则可看到在/root/.ssh目录下生成了known_hosts文件：

[root@SamuluIndex .ssh]# ls
id_rsa id_rsa.pub known_hosts

http://www.cnblogs.com/wjoyxt/p/6567206.html