SSH is based on Key verification and accelerates SSH connection, and key verification ssh connection speed

Source: Internet
Author: User

SSH is based on Key verification and accelerates SSH connection, and key verification ssh connection speed

 

Authentication Method for SSh service logon:

Password-based security verification

1. When the client initiates an ssh request, the server will send its own public key to the user.

2. the user encrypts the password based on the public key sent from the server.

3. The encrypted information is sent back to the server. The server uses its own private key for decryption. If the password is correct, the login is successful.

Note: The server you are connecting to cannot be the server you want to connect. Other servers may pretend to be real servers, that is, being attacked by man-in-the-middle.

Key-based security verification

1. First generate a key pair (ssh-keygen) on the client, and copy the Public Key ssh-copy-id of the client to the server.

2. When the client sends a connection request again, including ip address and User Name

3. After the server receives a request from the client, it will go to authorized_keys to find the request. If there is a response IP address and a user, a random string will be generated, for example, acdf.

4. The server encrypts the public key copied from the client and sends it to the client.

5. After receiving a message from the server, the client uses the private key for decryption and then sends the decrypted string to the server.

6. After receiving the string sent from the client, the server compares it with the previous string. If the string is the same, password-free logon is allowed.

 

 

Centos 6 is the client 192.168.40.130

Centos 7 is the server 192.168.40.129

1. Generate a key pair on the client

The default value is rsa.

Ssh-keygen-t dsa generate a key pair using the dsa Algorithm

 

2. Transfer the public key file to the server. log on to the user's home directory.

 

Iii. connection test

 

After the Key is verified, scp will be password-free for ssh Channels

Private Key must be saved

 

 

Accelerate SHH connection

Modify the/etc/ssh/sshd_config configuration file on the server.

 

Change UseDNS and GSSAPIAuthentication to no.

Then restart the ssh service.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.