· KLDP.org · KLDP.net · KLDP Wiki · KLDP BBS ·
Using Ssh Agent


1. ¼­¼³

subversionÀ» Ç×»ó local¿¡¼­¸¸ »ç¿ëÇÏ´Ù°¡ ¾ó¸¶Àü¿¡ archive Àü¿ë ¼­¹ö¸¦ Çϳª ¸¶·ÃÇÏ°í remote·Î »ç¿ëÇÏ°í ÀÖ¾úÁö¿ä. svn+ssh À» ÀÌ¿ëÇؼ­ Á¢¼ÓÇÏ°í ÀÖ¾ú´Âµ¥, ÀÌ°Å ¸Å¹ø sshÀ» À§Çؼ­ Æнº¿öµå¸¦ Ä¡±â°¡ ¿µ ±ÍÂúÀº °ÍÀÌ ¾Æ´Õ´Ï´Ù. ¾î¶² ¶§´Â codingÇÏ´Â ½Ã°£º¸´Ù Æнº¿öµå Ä¡´Â ½Ã°£ÀÌ ´õ ±ä °Í °°´Ù´Â Âø°¢ÀÌ µé ¶§µµ -.-;;;; ±×·¡¼­ ssh-agent¸¦ »ç¿ëÇÏ´Â ¹æ¹ýÀ» ã¾ÆºÃ´Âµ¥ ÀÇ¿Ü·Î °£´ÜÈ÷ Á¤¸®µÅ ÀÖ´Â °Ô ¾ø¾î¼­, ¾ÆÁÖ °£´ÜÈ÷ »ç¿ë¹æ¹ýÀÇ Çϳª¸¦ ¼Ò°³ÇÕ´Ï´Ù. ÀÌÈÄ´Â ÆíÀÇ»ó ¹Ý¸»·Î :)

2. ¹Ì¸® È®ÀÎÇÒ °Íµé

  1. ¿ì¼± ´ç¿¬È÷ ssh client¿Í server°¡ Á¦´ë·Î µ¿ÀÛÇϵµ·Ï ¼³Á¤ÇÏ¿´´ÂÁö È®ÀÎÇÑ´Ù.
  2. À§ÀÇ »çÇ×ÀÌ Á¦´ë·Î µÇ¾úÀ¸¸é ´ç¿¬È÷ µÇ°ÚÁö¸¸, Ȥ½Ã ¸ð¸£´Ï ssh-keygen, ssh-copy-id, ssh-agent, ssh-addÀÇ ¸í·É¾î°¡ »ç¿ë °¡´ÉÇÑÁö È®ÀÎÇÑ´Ù.

3. »óȲ ¼³¸í

ÇöÀç ÀÚ½ÅÀÌ ÀÛ¾÷ÇÏ°í ÀÖ´Â ¸Ó½ÅÀÌ machA¶ó°í ÇÏ°í, svn+ssh server°¡ µ¹°í ÀÖ´Â ¸Ó½ÅÀ» machB¶ó°í ÇÏÀÚ. ÆíÀÇ»ó µÎ ¸Ó½Å¿¡ alice¶ó´Â usernameÀ¸·Î °èÁ¤À» °¡Áö°í ÀÖ´Ù°í °¡Á¤ÇÑ´Ù.

4. Áغñ ÀÛ¾÷

¿ì¼± ssh¿ëÀ¸·Î ¾µ key pair¸¦ ¸¸µé¾î¾ß ÇÑ´Ù. machA¿¡¼­ ´ÙÀ½ÀÇ ÀÛ¾÷À» ¼öÇàÇÑ´Ù.

alice@macha:~$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/lbird/.ssh/id_rsa):
Enter passphrase (empty for no passphrase): <password>
Enter same passphrase again: <password>
Your identification has been saved in .ssh/id_rsa.
Your public key has been saved in .ssh/id_rsa.pub.
The key fingerprint is:
33:d9:ac:19:bd:75:13:e5:4a:d9:3c:98:fa:4f:39:d6 lbird@debian
alice@macha:~$

key¸¦ »ý¼ºÇßÀ¸¸é machB·Î °ø°³Å°¸¦ Àü´ÞÇØ¾ß ÇÑ´Ù. machA¿¡¼­ ´ÙÀ½ ÀÛ¾÷À» ¼öÇàÇÑ´Ù.

alice@macha:~$ ssh-copy-id alice@machb
alice@machb's password: <alice@machbÀÇ password>
Now try logging into the machine, with "ssh 'alice@machb'", and check in:

  .ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

lbird@debian:~$

¿©±â¼­ <alice@machbÀÇ password>¿Í À§ÀÇ <password>´Â °°À» ÇÊ¿ä´Â ¾ø´Ù´Â °Í¿¡ À¯ÀÇ. È®ÀÎÀº ¾ÈÇغÃÁö¸¸ ´ç¿¬È÷ ±×·² °Í °°´Ù. :)

5. ssh-agent ¼³Á¤

´Ù¸¥ °÷¿¡ ÁÁÀº ¼³¸íÀÌ ¸¹°ÚÁö¸¸ °£´ÜÈ÷ ¼³¸íÇϸé, ssh-agent¶ó´Â ÇÁ·Î±×·¥Àº Çѹø ½ÇÇàÇÏ¸é °è¼Ó ¸Þ¸ð¸®¿¡ »óÁÖÇϸ鼭 »ç¿ëÀÚÀÇ private key¸¦ ¾ÈÀüÇÏ°Ô º¸È£ÇÏ°í ÀÖ°Ô µÈ´Ù. ¿©±â¿¡ ssh-add¶ó´Â ÇÁ·Î±×·¥À¸·Î »ç¿ëÀÚ°¡ Ãß°¡ÇÏ°í ½ÍÀº private key¸¦ Áý¾î ³ÖÀ» ¼ö ÀÖ´Ù. ssh-agent´Â ½ÇÇàµÉ ¶§ ¼ÒÄÏÀ» Çϳª ¸¸µç´Ù. ´Ù¸¥ ÇÁ·Î±×·¥µéÀº ±× ¼ÒÄÏ À̸§À» SSH_AUTH_SOCK¶ó´Â ȯ°æ º¯¼ö¿¡¼­ ¾Ë¾Æ³»¼­ ssh-agent¿Í Åë½ÅÇؼ­ private key¸¦ ¾ò´Â´Ù.

machA (ÀÚ½ÅÀÇ ÁÖ ÀÛ¾÷Àå)¿¡ óÀ½ ·Î±äÇϸé ÀÏ´Ü ´ÙÀ½ÀÇ ¸í·ÉÀ» ½ÇÇàÇÑ´Ù.
alice@macha:~$ ssh-agent > ~/.ssh-agent.sh

¼ø¼­´Â Á» ¹Ù²î¾úÁö¸¸, machAÀÇ aliceÀÇ È¨µð·ºÅ丮¿¡ ÀÖ´Â .bash_profile¿¡ ´ÙÀ½ÀÇ ¸îÁÙÀ» Ãß°¡Çϵµ·Ï ÇÑ´Ù.
# ssh-agent variables
if [ -f ~/.ssh-agent.sh ]; then
  . ~/.ssh-agent.sh
fi

»ç½Ç»ó ssh-agent¿Í °ü·ÃÇÑ ÀÛ¾÷Àº ÀÌÁ¦ ³¡³µ°í »ç¿ë¸¸ ÇÏ¸é µÈ´Ù.

Ãß°¡> ¿ØÁö ¸ðµç °ÍÀÌ ÀÚµ¿À¸·Î ÀϾÀ¸¸é ÇÑ´Ù°í »ý°¢µÈ´Ù¸é(Á¦°¡ ±×·¸½À´Ï´Ù. -.-;;) ´ÙÀ½ÀÇ ¹æ¹ýÀ» »ç¿ëÇÒ ¼ö ÀÖ´Ù. ´Ù½Ã ¸»Çϸé, ssh-agent¸¦ Á÷Á¢ command line¿¡¼­ ½ÇÇàÇÏ´Â °ÍÀÌ ±ÍÂúÀº °ÍÀÌ´Ù.

.bash_profile¿¡ À§ÀÇ ³»¿ë ´ë½Å ¾Æ·¡¿Í °°ÀÌ »ðÀÔÇÑ´Ù.
# ssh-agent variables
if [ -f ~/.ssh-agent.sh ]; then
    . ~/.ssh-agent.sh
fi
if [ ! -S $SSH_AUTH_SOCK ]; then
    ssh-agent -t 86400 > ~/.ssh-agent.sh
    echo "No agent! ssh-agent started."
    . ~/.ssh-agent.sh
fi

ÀÌ·¸°Ô Çϸé ÀÏ´Ü .ssh-agent.shÀ̶ó´Â ÆÄÀÏÀÌ ÀÌ¹Ì ÀÖ´ÂÁö È®ÀÎÇÏ°í ÀÖÀ¸¸é ÀоîµéÀδÙ. ±×¸®°í °Å±â¿¡¼­ ¼³Á¤µÈ ¼ÒÄÏ($SSH_AUTH_SOCK)ÀÌ Á¤¸»·Î ÀÖ´ÂÁö È®ÀÎÇÑ´Ù. ±×·¸Áö ¾ÊÀ¸¸é ssh-agnet°¡ µ¹°í ÀÖÁö ¾ÊÀ¸´Ï »õ·Î ½ÇÇàÇÑ´Ù´Â ¸Þ½ÃÁö¸¦ ¶ç¿ì°í .ssh-agent.sh¸¦ ´Ù½Ã ¸¸µç´Ù. ´Ù¸¥ °Í ¶Ç ÇÑ°¡Áö´Â -t 86400 ¿É¼ÇÀ» Ãß°¡Çؼ­ ±âº»ÀûÀ¸·Î ssh-add¸¦ ÅëÇؼ­ key¸¦ Áý¾î ³ÖÀ» ¶§ Á¦Çѽð£À» ÇÏ·ç·Î ¼³Á¤ÇÑ´Ù´Â °ÍÀÌ´Ù.

6. »ç¿ë

ÀÏ´Ü shell·Î ·Î±äÀ» Çϸé ÀÌÁ¦ ssh-agent°¡ Ç×»ó µ¹°í ÀÖ´Ù°í È®½ÅÇÒ ¼ö ÀÖ°Ô µÆ´Ù. ÀÌÁ¦´Â ssh-add¸¦ ÅëÇؼ­ key¸¦ ·ÎµåÇØÁÙ ÇÊ¿ä°¡ Àִµ¥, ÀÌ¹Ì ¸¸µé¾îµÐ key¸¦ ±×³É ·ÎµåÇÒ °æ¿ì¿¡´Â command line¿¡¼­

alice@macha:~$ ssh-add

¶ó°í¸¸ ÇÏ°í Æнº¿öµå¸¦ ÀÔ·ÂÇÏ¸é µÈ´Ù.

7. »çÁ·

±×³É ³¡³»¸é ½É½ÉÇϴϱî.. ^^

ssh-agent°¡ ¾øÀ» ¶§´Â Á¢¼ÓÇÒ ¶§ ÀÌ·± ½ÄÀÌ´Ù.
alice@macha:~$ ssh alice@machb
Password: <alice@machbÀÇ password>
Linux machb 2.6.8-2-686 #1 Tue Aug 16 13:22:48 UTC 2005 i686 GNU/Linux

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
You have mail.

Last login: Wed Dec 27 12:02:44 2006 from macha
alice@machb:~$

ssh-agent°¡ ÀÖÀ¸¸é

alice@macha:~$ ssh alice@machb
Linux machb 2.6.8-2-686 #1 Tue Aug 16 13:22:48 UTC 2005 i686 GNU/Linux

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
You have mail.

Last login: Wed Dec 27 12:02:44 2006 from macha
alice@machb:~$

password¸¦ ¾È ¹°¾îº»´Ù.

svn+sshÀ» ÅëÇؼ­ ÀÛ¾÷ÇÑ´Ù¸é update³ª commitÀ» ÇÒ ¶§¸¶´Ù Çѵιø¾¿ ¹°¾îº¸´Â Æнº¿öµå¸¦ óÀ½¿¡ ÇÑ ¹ø¸¸ ÀÔ·ÂÇÏ¸é µÈ´Ù´Â ¾ÆÁÖ¾ÆÁÖ Æí¸®ÇÑ Á¡ÀÌ »ý±ä´Ù.

8. Document history

  • óÀ½ ÀÛ¼º -- Lbird 2006-12-28 23:53:47
  • .bash_profile ³»¿ë ¼öÁ¤ -- -- Lbird 2007-03-29 17:33:16

9. TODO



ID
Password
Join
Your mode of life will be changed for the better because of good news soon.


sponsored by andamiro
sponsored by cdnetworks
sponsored by HP

Valid XHTML 1.0! Valid CSS! powered by MoniWiki
last modified 2007-03-29 17:33:16
Processing time 0.0126 sec