SSH service supports a security authentication mechanism, is the key authentication, it uses a pair of encrypted string, a public key, for encryption, anyone can see its contents, the other is called the private key, for decryption, only the owner can see its contents.
Key pairs are cryptographic algorithms that are public-key cryptography (or asymmetric encryption), such as RSA and DSA, which refer to public and private keys. Among them, the public key can be freely issued, only for encryption, the private key is only owned by one person, only for decryption. Any information that is encrypted with the public key can be decrypted with the private key to obtain the original information.
The RSA key pair works as follows:
Assuming that two users, A and B, are communicating, both the A and both have a pair of public and private keys for encryption and decryption, and A's public and private keys are Publica and Privatea, and B's public and private keys are PUBLICB and PRIVATEB respectively.
A A, if you want to send information to each other, so exchange the public key, A's public key tells B,b's public key to tell a, but the private key is confidential, just own.
A sends a message to B, and the plaintext is X.
A use the public key of B to encrypt the plaintext X to form ciphertext PUBLICB (x) and then transfer to B,
B received ciphertext, with the private key of B to decrypt the cipher Privateb (c (x)), to get the plaintext X to communicate.
b sends a message to a, and the plaintext is Y.
b Use A's public key to encrypt plaintext PublicA (y) and then transfer ciphertext to a,a received ciphertext, with a's public key to decrypt ciphertext Privatea (c (x)), to communicate the plaintext Y.
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/7E/D4/wKioL1cKD-OD4uP8AAB54LG4DzM169.png "title=" 1.png " alt= "Wkiol1ckd-od4up8aab54lg4dzm169.png"/>
1. Download Puttygen (key generator tool)
Http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M02/7E/D4/wKioL1cKEGajQJtlAACjRkjxx0M176.png "title=" 1.png " alt= "Wkiol1ckegajqjtlaacjrkjxx0m176.png"/>
2. Open Puttygen Click Generate
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/7E/D7/wKiom1cKEAaCEj-_AAE1O5BUywY780.png "title=" 1.png " alt= "Wkiom1ckeaacej-_aae1o5buywy780.png"/>
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M00/7E/D7/wKiom1cKED-Du9Q1AADx4_UmM5M576.png "title=" 1.png " alt= "Wkiom1cked-du9q1aadx4_umm5m576.png"/>
3, has generated a good key
650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/7E/D7/wKiom1cKEHrgC8XcAAEpCW1Q1TU977.png "title=" 1.png " alt= "Wkiom1ckehrgc8xcaaepcw1q1tu977.png"/>
4, key comment can be modified or do not modify the key set password after completing
Copy the key and you'll need to put it on Linux. Click Save Private Key to save a path yourself
650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M01/7E/D4/wKioL1cKE5Dx-4NXAAFlgq7GtXE605.png "title=" 1.png " alt= "Wkiol1cke5dx-4nxaaflgq7gtxe605.png"/>
5. Turn off the firewall
Getenforce View firewall status
two methods of closing
1 temporary closure :
Setenforce 0
2 permanently closed
Modifying the SELinux configuration file
vim/etc/selinux/config
If prompted for an error, yum install-y vim-enhanced or use VI
locate selinux=enforcing=>disabled after pressing ESC: WQ and then restart the system reboot
6. Mkdir/root/.ssh Create Folder
chmod 700/root/.ssh Modify permissions equal to RWX------
Vim/root/.ssh/authorized_keys paste the public key that you just copied into
1 "Press I to enter edit mode
2 "right mouse button paste
3 "Exit and save Esc:wq
7. Open Putty Select an IP this is what I saved before.
650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M02/7E/D4/wKioL1cKFyySxDxCAAEQwtkRohs691.png "title=" 1.png " alt= "Wkiol1ckfyysxdxcaaeqwtkrohs691.png"/>
8. Import the private key that you just saved in return to session click Save and Open
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/7E/D4/wKioL1cKF53QxiRRAAEosi0sTnk812.png "title=" 1.png " alt= "Wkiol1ckf53qxirraaeosi0stnk812.png"/>
9, open the input at this time is not the root password is the password of the key just now
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M01/7E/D7/wKiom1cKFzXT-yh7AABKYC_tPkc256.png "title=" 1.png " alt= "Wkiom1ckfzxt-yh7aabkyc_tpkc256.png"/>
The next time you log on, open this page still appears.
Avatar------17:12
This article from the "11007865" blog, reproduced please contact the author!
Avatar Learn Linux-----putty secret key Login