Recently encountered the need to use a key login situation, different connection terminal situation is not the same, so to summarize this
First, the key pair generation
Note: The local host and destination host need to be ping
1) Verify that the server is installed with SSH and the OpenSSH service side
[[email protected] ~]$ rpm -qa |grep opensshopenssh-6.6.1p1-25.el7_2.x86_64openssh-clients-6.6.1p1-25.el7_2.x86_64openssh-server-6.6.1p1-25.el7_2.x86_64[[email protected] ~]$ [[email protected] ~]$ [[email protected] ~]$ systemctl status sshd● sshd.service - OpenSSH server daemon Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled) Active: active (running) since Mon 2018-05-21 17:40:41 CST; 22h ago Docs: man:sshd(8) man:sshd_config(5) Main PID: 10690 (sshd) CGroup: /system.slice/sshd.service └─10690 /usr/sbin/sshd -D
2) Switch the destination host to an account that requires a key to log in, generate a key pair
[[email protected] ~]$ ssh-keygenGenerating public/private rsa key pair.Enter file in which to save the key (/home/zyy/.ssh/id_rsa): Created directory ‘/home/zyy/.ssh‘.Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/zyy/.ssh/id_rsa.Your public key has been saved in /home/zyy/.ssh/id_rsa.pub.The key fingerprint is:1d:46:32:22:37:b3:ff:f1:14:d9:6f:3c:19:cb:4a:11 [email protected]The key‘s randomart image is:+--[ RSA 2048]----+| . = o . E || o = + o. || . o o... || . o . .oo+|| S o .. =+|| . +. ...|| . .. || || |+-----------------+
3) View generated keys, public key pairs, and permissions set to 600
[[email protected] .ssh]$ lltotal 8-rw------- 1 zyy zyy 1679 May 22 16:32 id_rsa # 私钥-rw-r--r-- 1 zyy zyy 397 May 22 16:32 id_rsa.pub # 公钥
4) Modify the login method as needed
修改 sshd 连接配置文件 vim /etc/ssh/sshd_configPasswordAuthentication no # 不允许密码验证登录PubkeyAuthentication yes # 允许公钥验证登录AuthorizedKeysFile .ssh/id_rsa.pub # 指定公钥文件路径
5) Export the private key and public key to save the standby
Second, using Xshell connection
Open the connection terminal, set the host name, and then set the connection information.
The following error message may appear during the connection process
This is because there is no authentication on the service side
将公钥追加到一个文件,命名为authorized_keys[[email protected] .ssh]$ cat id_rsa.pub >authorized_keys将文件权限设置为 600[[email protected] .ssh]$ chmod 600 authorized_keys [[email protected] .ssh]$ [[email protected] .ssh]$ lltotal 12-rw------- 1 zyy zyy 397 May 22 16:47 authorized_keys-rw------- 1 zyy zyy 1679 May 22 16:32 id_rsa-rw------- 1 zyy zyy 397 May 22 16:32 id_rsa.pub
And then we re-connect and we're OK.
Third, using SECURECRT connection
Turn on the CRT, configure the connection information, set the key authentication as the preferred sign-in method
Then import the public key
Click Confirm to connect successfully
Resources
- Connect to a remote host based on Xshell using a key method
- In SecureCRT, connect a Linux server via a key pair
Different connection terminals log on to Linux by key mode