Implementation of key-based security verification in Linux ------- OpenSSH + WinSCP + putty key generator + putty
Tutorial background:
Xiaonuo has used Linux to build various servers (FTP, DNS, Apache, Sendmail, and Samba), because these servers are placed in a safe place, generally, no one is allowed to access these servers. The company now needs to securely access these servers through remote clients. SSH is a standard network protocol that can be used in most UNIX operating systems to achieve remote login management on the character interface. it uses port 22 by default and transmits data in the network in the form of ciphertext, it is more secure than Telnet through plaintext transmission. SSH provides two user authentication methods: password and key. both methods transmit data through ciphertext. The difference is that the password user authentication method transfers the user's account name and password, this requires that the entered password be complex enough to ensure higher security. For key-based security authentication, you must create a pair of keys for the user and place the keys on the server to be accessed. When you need to connect to the SSH server, the client software sends a request to the server to use the client key for security verification. After receiving the request, the server first looks for a common key under the root directory of the user, and then compares it with the public key sent. If the two keys are consistent, the server uses the public key to encrypt the question and send it to the client software (puetty ). After receiving the question, the client can decrypt it with a local private key and then send it to the server. This method is quite safe.
Tutorial network topology:
