The first step is to create the public key
1. first create the key with the CRT, which is the diagram:
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M00/79/37/wKioL1aLnSbSFNz5AAExbGvU1sY105.png "title=" 1.png " alt= "Wkiol1alnsbsfnz5aaexbgvu1sy105.png"/>
650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M00/79/38/wKiom1aLnTTjoIZeAABzsh-9w3M874.png "title=" 2.png " alt= "Wkiom1alnttjoizeaabzsh-9w3m874.png"/>
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M00/79/38/wKiom1aLnVfAqN8FAACEY53bkSo124.png "title=" 3.png " alt= "Wkiom1alnvfaqn8faacey53bkso124.png"/>
650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M00/79/37/wKioL1aLnZSzSP9AAAB3y4551xU481.png "title=" 4.png " alt= "Wkiol1alnzszsp9aaab3y4551xu481.png"/>
The key length is the default, the larger the more secure
650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M00/79/37/wKioL1aLncfwIcPIAACAYpLS5NE455.png "title=" 5.png " alt= "Wkiol1alncfwicpiaacaypls5ne455.png"/>
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M01/79/37/wKioL1aLnfXTmvRzAABPdq7n8Iw703.png "style=" float: none; "title=" 6.png "alt=" Wkiol1alnfxtmvrzaabpdq7n8iw703.png "/>
650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M01/79/37/wKioL1aLnfbSqsK5AACa0MnLLLo201.png "style=" float: none; "title=" 7.png "alt=" Wkiol1alnfbsqsk5aaca0mnlllo201.png "/>
Select the OpenSSH key format so that you do not have to go back to the format later, you may not be able to generate the OpenSSH key format directly in the morning, you need to convert. My version can be generated directly. Here is the converted Command
Ssh-keygen–i–f identity.pub
Finally click Finish, will pop up as shown, a I choose whether or not, can also choose Yes.
650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M02/79/38/wKiom1aLninwfkzWAAE5gJyrANQ975.png "title=" 8.png " alt= "Wkiom1alninwfkzwaae5gjyranq975.png"/>
You can find the private key and public key file in the previous file directory
Because I did not change this address, so the default is C:\Users\Administrator\Documents this directory will have: Identity (private key), identity.pub (public key)
The Identity.pub (public key) needs to be placed in the ~.ssh hidden directory on the server, so if this hidden directory is not ~.ssh on the server, it needs to be created manually. Ls–a can view hidden directories
My already exist. SSH hidden directory.
[Email protected] ~]# ls-a
. . bash_history. baser install.log. TCSHRC
.. . bash_logout B.txt Install.log.syslog
Anaconda-ks.cfg. Bash_profile. CSHRC . SSH
[Email protected] ~]#
The Identity.pub (public key) is copied to the server via the Rz–y command (there are several methods available here).
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/79/37/wKioL1aLnv2xXDAkAADCc0uKny4381.png "title=" 9.png " alt= "Wkiol1alnv2xxdakaadcc0ukny4381.png"/>
The file needs to be placed in the. SSH directory
[Email protected] ~]# mv identity.pub. SSH
[[Email protected] ~]# CD. SSH
[email protected]. ssh]# ls
Identity.pub known_hosts
[email protected]. ssh]#
You need to change the file name Authroized.keys
Note: The Identity.pub (public key) is named Authroized.keys for the reason: Authorizedkeysfile in the configuration file/etc/ssh/sshd_config of SSH . ssh/ Authorized_keys so you need to change the file name of the public key
[email protected]. ssh]# Cat Identity.pub>>authorized_keys
[email protected]. ssh]# ls
Authorized_keys identity.pub known_hosts
[email protected]. ssh]#
At the same time, you need to make changes to the permissions of the. SSH directory and the permissions of the Authorized_keys file.
Change the permissions of the. SSH directory to the 700,authorized_keys file to 600 (644), or you will not be able to log in after the problem occurs.
at the same time, after the above operation is completed, the SSHD service needs to be restarted/etc/init.d/sshd restart
Step TwowithCRTTool login via keyLinuxServer
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/79/37/wKioL1aLn2TCyOkXAAEWtzuC5kk642.png "title=" 10.png "alt=" Wkiol1aln2tcyokxaaewtzuc5kk642.png "/>
Select PublicKey Click Properties
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/79/37/wKioL1aLn5DA3cOFAAB0rd0I17I951.png "title=" 11.png "alt=" Wkiol1aln5da3cofaab0rd0i17i951.png "/>
650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M00/79/37/wKioL1aLn57i4TUjAACTXJ2DnGM509.png "title=" 12.png "alt=" Wkiol1aln57i4tujaactxj2dngm509.png "/>
Then connect, will appear need to enter the previous set of passphrase, entered after the successful landing
650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M00/79/38/wKiom1aLn7OwPC08AAA5l72XrCM300.png "title=" 13.png "alt=" Wkiom1aln7owpc08aaa5l72xrcm300.png "/>
650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M01/79/37/wKioL1aLn-viPf7TAAFTksx3faI604.png "title=" 14.png "alt=" Wkiol1aln-vipf7taaftksx3fai604.png "/>
This article is from the "8703732" blog, please be sure to keep this source http://8713732.blog.51cto.com/8703732/1731847
CRT logs on to Linux server via key