Generate PublicKey
LINUX:SSH-KEYGEN-T RSA
[Private key (ID_RSA) and public Key (Id_rsa.pub)]
Windows:securcrt/xshell/putty
[SSH-2 RSA 2048]
1 #生成SSH密钥对2 Ssh-keygen-t RSA3 4Generating public/private RSA key pair.5 #建议直接回车使用默认路径6Enterfile inch whichTo save the key (/root/.SSH/Id_rsa):7 #输入密码短语 (leave blank then enter directly)8Enter Passphrase (empty forno passphrase):9 #重复密码短语Ten Enter same passphrase again: OneYour identification has been savedinch/root/.SSH/Id_rsa. AYour public key has been savedinch/root/.SSH/id_rsa.pub. - The key fingerprint is: -AA:8B: A: -: -: ad:b5: the: CA:Wuyi: $: B9: the: E1: the: E1 [email protected] theThe key's Randomart image is: -+--[RSA2048]----+ -| . O. | -| .. . . | +| . . . o O | -| O.. . o E | +|o.=. S. | A|. *.+ . | at|o.*. | -| . + . | -| . O. | -+-----------------+
Copy key pair
| You can also manually set up directories and Authorized_keys on the client, notice the Modify permissions
1 #复制公钥到无密码登录的服务器上, 22 port changes can be used with the following command 2 #ssh-copy-ID -i ~/. SSH " - p 10022 [email protected] " 3 SS H-copy-ID -I. ~/. ssh/id_rsa.pub [email protected]192.168. 15.241
Modify the SSH configuration file
1 #编辑sshd_config文件 2 vi /etc/ssh /sshd_config 3 4 #禁用密码验证 5 passwordauthentication No 6 #启用密钥验证 rsaauthentication Yes 8 pubkeyauthentication Yes 9 Span style= "color: #000000;" > #指定公钥数据库文件 10 authorsizedkeysfile. ssh /authorized_keys
| It is recommended to keep one more session before restarting the SSH service safekeeping
1 #RHEL/CentOS system 2service sshd restart3#ubuntu系统 4 SSH Restart 5 #debian系统 6 /etc/init.d/ssh restart
Manually add administrative users
| can be added after = = User Comment Identification easy to manage
1 Echo ' Ssh-rsa XXXX ' >>/root/. ssh/authorized_keys23# review 4cat /root/. ssh/authorized_keys
Reprint http://wsgzao.github.io/post/ssh/
SSH use key login and prohibit password login practice