Create key login certifications with SECURECRT
First, generate a public/private key
Using the SecureCRT tool, create the public key, the encryption algorithm chooses RSA, because the RSA configuration file is selected in the algorithm.
Pass phrase can not be entered. However, you will be asked to enter a passphrase when you log in.
and modify comment related information, using the personal account name @ Server information mode
Fill in the key length, default is 1024
This selects the generated key using the OpenSSH key format. If you choose the default format, upload to the server when you need to do the format conversion work, you need to connect through the command line also need to convert the private key to the OpenSSH format via SECURECRT, it is recommended to use the OPENSSH key format!
When you click Done, two files are generated, by default identity and Identity.pub, where the identity is the private key and Identity.pub is the public key.
second, the server-side configuration
Uploading Windows client SECURECRT generated public key identity.pub to the user home directory. The SSH folder is usually uploaded with FTP. Be sure to upload in ASCII format before uploading.
Cd/home/danny
mkdir. SSH #在需要开启ssh连接的用户目录下建立. SSH directory
chmod. SSH
CD. SSH
MV Identity.pub Authorized_keys #如果采用的格式不是openssh的话, you need to perform ssh-keygen-i-F identity.pub >>authorized_keys command to format the Change
chmod 644. Ssh/authorized_keys
Change the SSH configuration file
Vim/etc/ssh/sshd_config #修改, confirm SSH configuration file
Permitrootlogin No #禁止root登录
Pubkeyauthentication Yes #启用公告密钥配对认证方式
Authorizedkeysfile. Ssh/authorized_keys
Rsaauthentication Yes #允许RSA密钥
Passwordauthentication no #禁止密码验证登录, if enabled, OpenSSH's RSA Authentication login is meaningless.
Reload the sshd service and use/etc/init.d/ssh restart to
Here, the setup is complete. may be verified by a new session, in the new session in SECURECRT choose to use public key authentication, remove password authentication, do login verification.
Login test, enter the key passphrase to see if the login is successful! If the login is unsuccessful, please check the following:
1, whether the permission is 644
2. is the owner correct
3, choose whether to choose when creating the key is OpenSSH, if you do not need to convert the format
third, the command line through the certificate login settings
Configuration of certificates in the OpenSSH format
Transfer the private key Identity directly to the corresponding. SSH directory, such as transfer to/home/danny/.ssh,chmod 600/home/danny/.ssh/identity
Ssh-i/home/danny/.ssh/identity [email protected] Enter the passphrase to connect
Configuration with standard public and Vandyke private key formats
First convert the private key into OpenSSH format
Convert the identity private key to the corresponding. SSH directory after the conversion, followed by the same operation as before, here is not to repeat
Linux securecrt SSH key authentication login