SSH public key verification

SSH public key verification

It is not safe to log on to the server using the username and password. The SSH public key is used to verify that this method can effectively solve the login server and secure login server features:


Objective: to log on to the Server by using Client password-free ssh

SSH supports multiple logon verification methods. By default, keyboard-interactive is used, that is, the password type that you enter manually. Here we need to change to the public key authentication method, and set passphrase to be empty for password-free login.

1. Client:

Cd ~ /. Ssh
# Generate a public key file (id_dsa.pub) and a private key file (id_dsa). Type: DSA. The length is 1024 bits.
# Note: Press enter directly when querying passphrase.
Ssh-keygen-t dsa-B 1024
# Copy the public key to the remote host
Scp id_dsa.pub Server :~ /. Ssh/id_dsa.pub.Client // For example: scp id_dsa.pub username @ IP Address: target path
Scp-P port id_dsa.pub username @ IP Address: Destination path

2. Server:

Cd ~ /. Ssh
# Put the Client's public key into the Server's Trust List
Cat id_dsa.pub.Client> authorized_keys
# Updating permissions is very important
Chmod 0600 * after that, do not manually enter the password when logging on to the Server through SSH from the Client.

Scp is a remote copy in Linux.

Command:

(1) copy the local file to remote: scp file name username @ computer IP address or computer name: remote path
(2) remotely copy the file back to local: scp username @ computer IP address or computer name: local path of the file name
(3) copy the local directory to the remote: scp-r directory name username @ computer IP address or computer name: remote path
(4) remotely copy the directory back to local: scp-r username @ computer IP address or computer name: local path of directory name

The scp Command requires the Server linux to provide the ssh service (ssh service is not installed by default in linux)

1. Whether to install ssh: you can connect to the corresponding ssh service to view the sshhost. If ssh: connect to host *** port22: Connection refused is displayed, the ssh service has not been installed.

2. install the ssh service: sudo apt-get install openssh-server automatically installs the ssh service.

3. Start: sudo/etc/init. d/sshstart

4. Stop: sudo/etc/init. d/sshstop

5. Configuration: the default ssh port is 22. You can modify the configuration file to change the port and restart the ssh service. (Note: the configuration file/etc/ssh/sshd_config)

Note:
This command will generate a pair of keys under the user's home directory/. ssh directory
The ssh rsa key is generally used:
Id_rsa Private Key
Id_rsa.pub Public Key
The following command generates different types of keys
Ssh-keygen-t dsa
Ssh-keygen-t rsa
Ssh-keygen-t rsa1

You may also like the following SSH-related articles. For details, refer:

Complete SSH service configuration and troubleshooting in Ubuntu

How to install Samba and SSH server in Ubuntu 14.04

SSH service remote access to Linux Server login is slow

How to Improve the SSH login authentication speed of Ubuntu

Enable the SSH service to allow Android phones to remotely access Ubuntu 14.04

How to add dual authentication for SSH in Linux

Configure the SFTP environment for non-SSH users in Linux

Configure and manage the SSH service on Linux

This article permanently updates the link address: