SSH key authentication:
Use:
1.SSH IP Address
2.ssh [email protected] Remote host IP address # #USERNAME和IP都是远程主机的
2.ssh-l USERNAME Host_ip
The secret key is saved in the user's home directory, ~/.ssh/known_hosts
SSH follows the protocol for OpenSSL:
SSH tools:
Client: SSH, config file:/etc/ssh/ssh_config
Server side: sshd, configuration file:/etc/ssh/sshd_config
Ssh-keygen: Secret key generator
Ssh-copy-id: Pass the public key to the server and generate the./ssh/autoorized file on the server
SCP: Cross-Host Security Replication tool
SCP: For copying files to the server:
Usage: SCP [email protected] remote host Ip/path/to/file#将远程主机上的文件下载到本地
scp/path/to/file [email protected] remote host IP#将本地文件上传至服务器
SCP [email protected]./A.TXTSCP/a.txt [email protected]
SSH implementation without password login (only one time, no longer need to enter the password, and this process is one-way)
Generate secret Key
#生成一对秘钥, two files Id_rsa (private key) id_rsa.pub (public key) will be generated on ~/.ssh/
Ssh-keygen-t-rsa
2. Upload the Id_rsa.pub (private key) to the server
Two different ways:
1) Using SCP, this method requires a third step
SCP. ssh/id_rsa.pub [Email Protected]:/root
2) using Scp-copy-id, this command automatically creates and appends the contents of the id_rsa.pub to the Authorized_keys file on the server, using this method to skip the third step
Ssh-copy-id-i. ssh/id_rsa.pub [Email protected]
3. On the server side, the id_rsa.pub uploaded by the client is placed in the. SSH directory of the server user's home directory, and is named Authorized_keys, or it can be generated by chasing the way Authorized_keys
Cat Id_rsa.pub >> Ssh/authorized_keys
4. At this point in the client, it is no longer necessary to enter a password to log in, if the server side deleted the. ssh/authorized_keys file, the next time you log in, you will still be prompted to enter a password.
This article is from the "Small City Studio" blog, please be sure to keep this source http://xcroom.blog.51cto.com/7941996/1653003
Marco Linux-ssh Login key authentication Knowledge collation