xiaojie@ubuntu:~/.ssh$ cat ~/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDiRDV1OlNoxzLaJI0Z2kWtrfD4FINaU3uwuH5e0VmkbkkG/tbD61R5pFHw2z3ZlPPYNP0NbWIzWUIA4gpCkMUgSg/lFsO6Ti3ppKBOEHy/uoEWvDgIbHu/Z8M+gNwii8mCnDdDvg+fcmLv90J4xCq3au4fTDjRQMe0FJkZxgIFFziDNoFKnwi8ES3Joaxmz9+vOxAEL+sAqzLRdJ7OuJ4qYHLoeXv7ok27yB5qCI+3ENrXBom6AkR2350CYZ4sDMBF1J2QorzCneJKqBJ9i8Ijh3dtZoXThinZlsh5SgAJtlpPMSAqbx5rvTSQdbpm2+hun9b54cHOYyfcrYFqusIwPj/TPNGxFQ0WKOpCDtKB1XLmkrOhvjCa+bvrzbB/eK1+lBUZdmO28W0G7USsHxmRJytz4NjF3H3DcRVbziMia6TftmFlfgbRMetqVfd0qMWioQbjzi/2m2IesNdgSc/al2hrZgpMd2uyRtYfXl11HFe8FS5pSt5p756U2+G6RpUCW11tu5hsbKI0NZ/FPTDARLsiz5V7fd20EtaYs77YucfG2yHJy4kWPxDoWM5cePf/T5mLMVUReU3T65r03xbjFGn+oSeDJhvGhAFD82cFmlBZssm2pQH2J+m/CeeaVkUXL9YDt7ysicAHSkRHpRijotzBV4ZKgdLQGe5o6QZGrQ== xiaojie@ubuntu
xiaojie@ubuntu:~/.ssh$ ssh-keygen -lf ~/.ssh/id_rsa
4096 SHA256:ovjUzYquVMajDQv8AXlbXU+X+zucgrulucC8aQqbD8g xiaojie@ubuntu (RSA)
xiaojie@ubuntu:~/.ssh$ ssh-keygen -lf ~/.ssh/id_rsa.pub
4096 SHA256:ovjUzYquVMajDQv8AXlbXU+X+zucgrulucC8aQqbD8g xiaojie@ubuntu (RSA)
xiaojie@ubuntu:~/.ssh$ ssh xiaojie@ubuntu
The authenticity of host 'ubuntu (127.0.1.1)' can't be established.
ECDSA key fingerprint is SHA256:f2TduTCqvnPtV0X4NjJuGWTCTvv1zrZ6o02pR7l91PE.
Are you sure you want to continue connecting (yes/no)?
为什么指纹从ssh localhost和结果ssh-keygen -lf ~/.ssh/id_rsa.pub不一样?
您正在查看两个单独的键。
ssh localhost显示目标主机公钥的指纹。该密钥通常存储在/etc/ssh目标主机的目录中。主机密钥用于确认您已连接到预期主机并防止中间人攻击。
ssh-keygen -lf ~/.ssh/id_rsa.pub显示用于识别/验证用户登录的(默认)公钥的指纹。这是ssh本地主机上的命令用于登录远程主机的密钥。您localhost永远不会向尝试登录的人出示此密钥 - 相反,它希望看到由此密钥加密的内容。ssh-keygen在私钥文件上将自动为您提供相应公钥文件的结果。这就是为什么在私钥和公钥文件上运行它时会看到相同结果的原因。要查看主机密钥的匹配结果,请
ssh localhost尝试ssh-keygen -lf /etc/ssh/KEYFILENAME其中 KEYFILENAME 类似于ssh_host_key_ecdsa.pub. 该文件的确切名称和位置可能因您的 Linux 发行版而异。你需要root才能看到它。