Linux uses keys to log on to SSH

Operating System:centos 6.5 64bit
SSH Clients:putty/puttygen

1) Installing the SSH service

#yum install-y openssh-server//install SSH service #/etc/init.d/sshd start//start SSH Service #netstat-anpt | grep sshd//To see if it started successfully

2) generate the key on the server

#ssh-keygen-b 1024-t RSA uses the Ssh-keygen command on Linux to generate the key (-B bits-t type/more parameters to know for yourself)//enter file in which to save key (store key path, default //enter Passphrase (key password)

3) public and private keys

The default generated key is in the user host directory ~/.ssh/
Generates a public key (Id_rsa.pub) and a private key (ID_RSA)
Write public key content to the ~/.ssh/authorized_keys file (create this file)

#cat id_rsa.pub > Authorized_keys

4) Configure/etc/ssh/sshd_config file

Backup is recommended before configuration

Save the file and restart the SSH service after the change is completed

When you are not sure that the certificate login must be successful, do not disable password authentication to log in, so as not to cause unnecessary trouble to change or add content

#cp-P/etc/ssh/sshd_config/etc/ssh/sshd_config.bak#vim/etc/ssh/sshd_configport//ssh Service listening Port Protocol 2//SSH protocol version per Mitrootlogin Yes//allows the root user to log in with SSH serverkeybits 1024//Key bits, depending on the number of digits specified when generating the key passwordauthentication no//Whether the password authentication method is used ( You can disable the password authentication method after ensuring success login Permitemptypasswords no//disable blank password login rsaauthtication Yes//enable RSA Authentication Pubkeyauthentication Yes//enable public key authentication Authorzedkeysfile. Ssh/authorized_keys//Public key file Strictmodes Yes//public key file host directory name must be the same as the login user name #/etc/init.d/sshd restart

5) Log on with the key

i> Download the Id_rsa private key to the client that needs to log on to the SSH service

Ii> using Puttygen to convert the private key to PPK format

The Putty Login tool does not recognize id_rsa, so use the Puttygen tool to convert to a putty recognized key

Change bits to be the same as when Ssh-keygen is generated (1024)

Iii> Putty Settings

Session-> host address and Port

Connection-> Ssh-> certified-> Certified private key File->ID_RSA.PPK (select your saved private key file after conversion)

& Error

Puttygen.exe when loading files if not supported, please download the latest version Puttygen.exe

This article is from the "Whang" blog, make sure to keep this source http://whangh.blog.51cto.com/10054339/1708593

Linux uses keys to log on to SSH