Connect to the remote host based on the Xshell using the key, the details are as follows
To connect to a remote host, there are generally two ways to authenticate the identity, one through the user's password, and the other through the public key.
Figure 1, Xshell supports verifying the way users are logged on
The following is the way to use public key to implement the connection, through the tool Ssh-kengen generate key pair.
Note: It is necessary to ping the native and destination hosts before the operation (if the ping is not working, the possible reason is that the firewall, SELinux is not turned off, or the gateway is set to a problem, etc.)
Using Xshell, the Xshell Manager 5 is used here, the destination host is CentOS6, and the remote host that needs to connect is called the destination host.
The destination host installs the SSH server and opens
?
123456 |
[[email protected] ~]$ yum Install -y openssh-server # installation OpenSSH server [[email protected] ~]$ yum install -y openssh-clients #安装openssh客户端, you can not install [[email protected] ~]$ service sshd start # temporarily turns on the sshd service [[email protected] ~]$ chkconfig sshd on # permanently turn on the SSHD service and the server restart is also in effect [[email protected] ~] $service sshd status # View sshd service running status openssh-daemon (PID 1384) is running ... # display is running |
Generate SSH key pair (including private key and public key)
?
123456789101112131415161718192021222324252627 |
[[email protected] ~]$ (
umask 0077;
ssh
-keygen)
# 生成ssh密钥对,并将权限设置为600
Generating public
/private rsa key pair.
Enter
file in which to save the key (
/root/
.
ssh
/id_rsa
):
# 回车
Enter passphrase (empty
for no passphrase):
Enter same passphrase again:
Your identification has been saved
in /root/
.
ssh
/id_rsa
.
Your public key has been saved
in /root/
.
ssh
/id_rsa
.pub.
The key fingerprint is:
fd:72:10:50:a6:7d:83:c7:93:d2:26:3d:12:0e:38:2f [email protected]
The key‘s randomart image is:
+--[ RSA 2048]----+
| .o.+ |
| o B * . |
| o. O % |
| E .. O + |
| .S o |
| o |
| . o |
| o |
| |
+-----------------+
[[email protected] ~]$
cd .
ssh
/
[[email protected] .
ssh
]$ ll
# 查看密钥/公钥对信息,权限都为600
总用量 8
-rw-------. 1 root root 1675 5月 21 14:26 id_rsa
# 私钥
-rw-------. 1 root root 392 5月 21 14:26 id_rsa.pub
# 公钥
[[email protected] .
ssh
]$
|
Modify the SSHD connection profile Vim/etc/ssh/sshd_config
?
123 |
PasswordAuthentication no # 不允许密码验证登录 PubkeyAuthentication yes # 允许公钥验证登录 AuthorizedKeysFile . ssh /id_rsa .pub # 指定公钥文件路径 |
To export the SSH key pair to this machine, we recommend creating a directory dedicated placement key pair
?
12 |
#]sz id_rsa #]sz id_rsa.pub |
Heavy-duty sshd service
?
12 |
[[email protected] . ssh ]$ service sshd reload 重新载入 sshd: [确定] |
Connect using Xshell
?
Figure 2, select key file
Figure 3, import the private key and determine
Note: Click OK and reconnect again
Figure 4, Connection success
The client uses the private key to authenticate, and the remote host uses the public key authentication.
Connect to a remote host based on Xshell using a key method