VSCode Remote-SSH插件使用证书登陆远程服务器

客户端

1. 生成秘钥对

[root@wks ~]#ssh-keygen <== 建立密钥对，默认没有其他需求，直接知心命令就行了
Generating public/private rsa key pair. <==生成公共/私有rsa密钥对。
Enter file in which to save the key (/root/.ssh/id_rsa): <==输入保存密钥的文件(/root/.ssh/id_rsa) 直接回车 默认
Enter passphrase (empty for no passphrase): <== 输入密钥锁码，或直接按 Enter 留空
Enter same passphrase again: <== 再输入一遍密钥锁码
Your identification has been saved in /root/.ssh/id_rsa. <== 私钥
Your public key has been saved in /root/.ssh/id_rsa.pub. <== 公钥
The key fingerprint is:
SHA256:/[------]
The key's randomart image is:

2. 将公钥拷贝到服务端

ssh-copy-id -i ~/.ssh/id_rsa.pub username@[server IP]
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/Users/username/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
username@192.168.2.22's password: 

Number of key(s) added:        1

Now try logging into the machine, with:   "ssh 'username@[server IP]"
and check to make sure that only the key(s) you wanted were added.
<== 根据提示输入服务端username对应的密码

服务端

1. 配置允许证书登陆

vim /etc/ssh/sshd_config

将PubkeyAuthentication 修改为yes
2. 允许私钥登陆

cat id_rsa.pub >> authorized_keys
chmod 600 authorized_keys
chmod 700 ~/.ssh

客户端

1. 测试

ssh username@[server IP]

如果不用输入密码可登陆即完成证书适配

2. 安装Remote-SSH插件并修改配置文件

Host [server IP]
  HostName [server IP]
  User username
  ForwardAgent yes
  IdentityFile "/Users/[local username]/.ssh/id_rsa"

服务端（可选：禁止密码登陆）

vim /etc/ssh/sshd_config
PasswordAuthentication no