创建 OpenSSH 证书

The next step is to create a key pair for authentication. There are two possible ways to create keys. The first is to create the keys with PuTTYgen on the client, upload the public key to your server and use the private key with PuTTY. The other is to create the key pair with the OpenSSH tool ssh-keygen, download the private key to your client and convert the private key to a PuTTY-style private key.

使用 ssh-keygen 创建密钥

Login to the server as root or svnuser and type:

ssh-keygen -b 1024 -t dsa -N passphrase -f keyfile

substituting a real pass-phrase (which only you know) and key file. We just created a SSH2 DSA key with 1024 bit key-phrase. If you type

ls -l keyfile*

you will see two files, keyfile and keyfile.pub. As you might guess, the .pub file is the public key file, the other is the private one.

Append the public key to those in the .ssh folder within the svnuser home directory:

cat keyfile.pub >> /home/svnuser/.ssh/authorized_keys

In order to use the private key we generated, we have to convert it to a putty format. This is because the private key file format is not specified by a standards body. After you download the private key file to your client PC, start PuTTYgen and use ConversionsImport key. Browse to your file keyfile which you got from the server the passphrase you used when creating the key. Finally click on Save private key and save the file as keyfile.PPK.

使用 PuTTYgen 创建密钥

Use PuTTYgen to generate a public-key/private-key pair and save it. Copy the public key to the server and append it to those in the .ssh folder within the svnuser home directory:

cat keyfile.pub >> /home/svnuser/.ssh/authorized_keys