Key authentication for SSH and SSH

Source: Internet
Author: User


1. What is openssh

is a software that provides remote access control.

2. remote login via ssh

SSH [email protected] # Login

Louout # Log Out

650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M01/86/F6/wKioL1fP2MCQ4wcLAAFQgJ_mgnc851.png "title=" Picture 1.png "alt=" Wkiol1fp2mcq4wclaafqgj_mgnc851.png "/>

2.ssh key authentication

key is divided into public Keyand PrivateKey# Public Key equivalent to lock private Keyequivalent to the key

(1) Create key

Ssh-keygen # Generate key

[[email protected] desktop]# Ssh-keygen # Create key

Generating public/private RSA key pair. # Creation Process

Enter file in which to save the key (/root/.ssh/id_rsa): # generates A key storage location, it is recommended to use the default

Enter passphrase (empty for no passphrase): #key password, can be empty

Enter same passphrase again: # repeat key 's password

Your identification has been saved In/root/.ssh/id_rsa.

Your public key has been saved in/root/.ssh/id_rsa.pub.

The key fingerprint is:

8c:dd:ed:96:49:73:db:e8:38:0a:7c:fc:25:90:c4:42 [email protected]

The key ' s Randomart image is:

+--[RSA 2048]----+

| E |

| .       . |

| . o |

| + + O |

| .  S + +. |

| . . + = + |

| o O * +. |

| o o.= |

| .. O.. |

+-----------------+ # creation process

Key storage location #is_rsa. Pub is the public key,Id_rsa is the private key

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/86/F7/wKiom1fP2Omg1j9MAAB04MzRNpA036.png "title=" Picture 2.png "alt=" Wkiom1fp2omg1j9maab04mzrnpa036.png "/>

(2) use key to encrypt target user of target host

Ssh-copy-id-i/home/test/.ssh/id_rsa.pub [email protected]

650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M02/86/F6/wKioL1fP2QSBT1SIAAFWHzwAxyk633.png "title=" Picture 3.png "alt=" Wkiol1fp2qsbt1siaafwhzwaxyk633.png "/>

Ssh-copy-id # # # tools to upload key

- I. # # # Specifies the public key to use

/home/test/.ssh/id_rsa.pub ##### using the name of the public key

Root # # # of managed target users

172.25.28.10 # # # IP of the host on which the managed user resides

650) this.width=650; "Src=" Http://s4.51cto.com/wyfs02/M02/86/F8/wKiom1fP2RrT8kpgAAB-MtcmatE397.png-wh_500x0-wm_3 -wmp_4-s_327287044.png "title=" image 4.png "alt=" Wkiom1fp2rrt8kpgaab-mtcmate397.png-wh_50 "/>

The highlighted Authorized_keys file is the final key file created. # The content is the same as the public key. Can be sent to specific users for their login.

(3) Simple configuration of sshd services

/etc/ssh/sshd_config # # #sshd configuration file for service

permitrootlogin yes|no# # # # # # allows the root user to pass sshd The Certification

passwordauthentication Yes|no # # # Turn user password Authentication on or off

allowusers Student Westos # # # user Whitelist, only allow users appearing on the list to use the sshd service

systemctl Restart sshd # # Reload configuration


Key authentication for SSH and SSH

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.