Linux SSH Secure Login
To create an SSH key
[[email protected] ~]# ssh-keygen -t rsa   # create the key pair
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):   # key location
Enter passphrase (empty for no passphrase):   # enter a passphrase for the key; can be empty
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.   # private key
Your public key has been saved in /root/.ssh/id_rsa.pub.   # public key
The key fingerprint is:
40:96:bf:a5:89:c2:66:a3:bd:dc:79:a3:b5:a8:1f:8d [email protected]
The key's randomart image is:
+--[RSA 2048]----+
| O. |
| O. |
| .. |
| .. . |
| . . s= |
| *. o+ |
| = OE O |
| ...... =o. |
| ++*o. |
+-----------------+
[[email protected] .ssh]# ls
id_rsa  id_rsa.pub   # upload the public key to the remote Linux machine
[[email protected] .ssh]#
[[email protected] ~]# clear
[[email protected] ~]# ssh-copy-id -i .ssh/id_rsa.pub [email protected]
The authenticity of host '10.0.0.2 (10.0.0.2)' can't be established.
RSA key fingerprint is fb:82:7c:05:f1:74:86:47:52:64:87:3c:86:fd:cd:ee.
Are you sure you want to continue connecting (yes/no)? yes   # confirmation is required the first time
Warning: Permanently added '10.0.0.2' (RSA) to the list of known hosts.
[email protected]'s password:
Now try logging into the machine, with "ssh '[email protected]'", and check in:
  .ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
[[email protected] ~]#
[[email protected] ~]# ssh 10.0.0.2
Enter passphrase for key '/root/.ssh/id_rsa':   # the key passphrase must be entered
Last login: Wed Oct-16:47:08 from 10.0.0.1
[[email protected] ~]# ls -a .ssh/
.  ..  authorized_keys   # the public key is in place
[[email protected] ~]#   # restart SSH and it is OK
To make the system more secure, turn off password authentication and enable key authentication.
[[email protected] ~]# vi /etc/ssh/sshd_config
# enable SSH protocol 2
Protocol 2
# enable key authentication
PubkeyAuthentication yes
# location of the authorized keys
AuthorizedKeysFile .ssh/authorized_keys
# disable password authentication
PasswordAuthentication no
[[email protected] ~]# /etc/init.d/sshd restart   # restart the SSH service
Change the system default port 22 to a four-digit port by modifying the SSH configuration file:
vi /etc/ssh/sshd_config
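The two sshd_config changes above (key-only authentication and a non-default port) can be checked before the service is restarted. The following is an added example, not part of the original article: a shell audit of a config file, in which the function names and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit an sshd_config-style file for the settings changed above.

# effective_value FILE KEYWORD: print the value sshd would use globally.
# Keywords are case-insensitive, the first occurrence wins, and anything after
# a "Match" line is conditional, so scanning stops there.
effective_value() {
    awk -v key="$2" '
        $1 ~ /^#/ || NF == 0        { next }            # comment or blank line
        tolower($1) == "match"      { exit }            # conditional section begins
        tolower($1) == tolower(key) { print $2; exit }  # first match wins
    ' "$1"
}

# expect FILE KEYWORD DEFAULT WANTED: returns 1 if the effective value differs.
# Values are compared exactly because sshd arguments are case-sensitive.
expect() {
    val=$(effective_value "$1" "$2")
    [ -n "$val" ] || val=$3              # keyword absent: sshd default applies
    if [ "$val" = "$4" ]; then
        echo "ok    $2 $val"
    else
        echo "FAIL  $2 is '$val', want '$4'"
        return 1
    fi
}

# audit_sshd_config FILE: exit status is the number of findings (0 = clean).
audit_sshd_config() {
    fails=0
    expect "$1" PasswordAuthentication yes no  || fails=$((fails + 1))
    expect "$1" PubkeyAuthentication   yes yes || fails=$((fails + 1))
    port=$(effective_value "$1" Port)
    [ -n "$port" ] || port=22            # default when Port is not set
    if [ "$port" = 22 ]; then
        echo "FAIL  Port is still the default 22"
        fails=$((fails + 1))
    else
        echo "ok    Port $port"
    fi
    return "$fails"
}

# Constructed sample: the later "PasswordAuthentication no" is ignored by sshd.
sample=$(mktemp)
printf '%s\n' '#Port 22' 'passwordauthentication yes' \
    'PubkeyAuthentication yes' 'PasswordAuthentication no' > "$sample"
audit_sshd_config "$sample" || echo "$? finding(s)"
rm -f "$sample"
```

Running `sshd -t` before the restart catches syntax errors in the edited file, and keeping the current session open until a key login succeeds in a second session avoids locking yourself out.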
If you need to log in, copy the public key file and it will be OK.
If you need to use a tool, you can configure the key on the tool
The key created earlier is one-way.
To create a two-way key pair, execute the following on both machines, using the same key:
# ssh-keygen -t rsa
Copy the generated public key to the other machine's ~/.ssh/ directory and rename it to authorized_keys (on both machines, the file is renamed after it has been copied into the other user's ~/.ssh/ directory), then modify the sshd_config file.
Test
No authentication required, lock network IP, etc.
Linux SSH Create two-way key