Linux Server Setup Key verification login

Two methods:

Method One: Create a secret key with Linux built-in RSA

Method Two: Using the CRT client, generate the secret key

650) this.width=650; "src=" Http://img.baidu.com/hi/jx2/j_0056.gif "alt=" J_0056.gif "/>650" this.width=650; "src=" Http://img.baidu.com/hi/jx2/j_0056.gif "alt=" J_0056.gif "/>650) this.width=650; "src=" Http://img.baidu.com/hi/jx2/j_0056.gif "alt=" J_0056.gif "/>650) this.width=650; "src=" Http://img.baidu.com/hi/jx2/j_0056.gif "alt=" J_0056.gif "/>650) this.width=650; "src=" Http://img.baidu.com/hi/jx2/j_0056.gif "alt=" J_0056.gif "/>650) this.width=650; "src=" Http://img.baidu.com/hi/jx2/j_0056.gif "alt=" J_0056.gif "/>650) this.width=650; "src=" Http://img.baidu.com/hi/jx2/j_0056.gif "alt=" J_0056.gif "/>650) this.width=650; "src=" Http://img.baidu.com/hi/jx2/j_0056.gif "alt=" J_0056.gif "/>650) this.width=650; "src=" Http://img.baidu.com/hi/jx2/j_0056.gif "alt=" J_0056.gif "/>650) this.width=650; "src=" Http://img.baidu.com/hi/jx2/j_0056.gif "alt=" J_0056.gif "/>650) this.width=650; "src=" Http://img.baidu.com/hi/jx2/j_0056.gif "alt=" J_0056.gif "/>650) this.width=650; "src=" Http://img.baidu.com/hi/jx2/j_0056.gif "alt=" J_0056.gif "/>650) this.width=650; "src=" Http://img.baidu.com/hi/jx2/j_0056.gif "alt=" J_0056.gif "/>650) this.width=650; "src=" Http://img.baidu.com/hi/jx2/j_0056.gif "alt=" J_0056.gif "/>

Method One:

1. Using RSA to generate keys

[[email protected] ~]# ssh-keygen                                  # #生成密钥命令 

generating public/private rsa key pair.                      # #生成密钥 (private key/public key) pair Enter file  in which to save the key  (/ROOT/.SSH/ID_RSA):     # #保存到 /root/.ssh/id_rsa Direct Carriage return enter passphrase  (empty for no passphrase):                  # #输入密钥密码Enter  same  passphrase again:                                  # #再次输入  Your identification has been saved in /root/.ssh/id_rsa.     # #你的私钥存在/root/.ssh/id_rsayour public key has been saved in  /root/.ssh/id_rsa.pub.    # #你的公钥存在/root/.ssh/id_rsa.pubthe key fingerprint is:b2:19:2d:10:fe:8a:2f:f0 : E9:05:ec:da:fc:93:ad:74 [email protected]the key ' s randomart image is:+--[  RSA 2048]----+|    .             | |    . .           | |     o            | |  .   o .         | |   o   = s        | |.  o . *         | |  oo.+oe          | |  +++o.           | |. +o+o           |+-----------------+ 

Create a touch Authorized_keys file to hold the public key and put the public key you just generated into

[email protected]. ssh]#

Place the generated private key on the local

2. Set SSH authentication Mode

[[Email protected] ~]# vim /etc/ssh/sshd_config Remove these three notes rsaauthentication yes                          # #是否使用纯的  RSA  Certification pubkeyauthentication yes                      # #是否允许  public key? authorizedkeysfile     .ssh/authorized_keys  # #设定若要使用不需要密码登入的账号时, Then the file name where the account is stored! Change the following three parameters to no                           # #防止用密码登陆ChallengeResponseAuthentication  no             # #挑战任何的密码认证PasswordAuthentication  no                      # #密码验证UsePAM  no                                       # #这样可以加快连接, do not verify DNS

3. Restart the SSHD service

[[Email protected] ~]# service sshd restart

4. Connection

Tip: When using a remote connection client CRT connection, a key must be required to log in

650) this.width=650; "Src=" Http://s4.51cto.com/wyfs02/M02/8A/43/wKioL1gsLVjQFw6WAABQcgFeIk4063.jpg-wh_500x0-wm_3 -wmp_4-s_516543221.jpg "title=" miyao.jpg "alt=" Wkiol1gslvjqfw6waabqcgfeik4063.jpg-wh_50 "/>

The CRT 128 attribute authentication is found at this time

Select Public Key-Properties

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/8A/53/wKiom1gtTizzn9hyAACTn7VdgH8567.jpg "style=" float: none; "title=" 1c6d.tmp.jpg "alt=" Wkiom1gttizzn9hyaactn7vdgh8567.jpg "/>

Select Use Session public key setting

Certificate selection The first step is downloaded to the local private key, OK

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/8A/4F/wKioL1gtTizijysUAABu3buJTQI383.jpg "style=" float: none; "title=" 5c7b.tmp.jpg "alt=" Wkiol1gttizijysuaabu3bujtqi383.jpg "/>

5. Login Success

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M01/8A/50/wKioL1gtXJ7h6RgbAAAJyE22JeM377.jpg "title=" 1b50.tmp.jpg "alt=" Wkiol1gtxj7h6rgbaaajye22jem377.jpg "/>

650) this.width=650; "src=" Http://img.baidu.com/hi/jx2/j_0058.gif "alt=" J_0058.gif "/>650" this.width=650; "src=" Http://img.baidu.com/hi/jx2/j_0058.gif "alt=" J_0058.gif "/>650" this.width=650; "src=" http://img.baidu.com/hi/ Jx2/j_0058.gif "alt=" J_0058.gif "/>650" this.width=650; "src=" Http://img.baidu.com/hi/jx2/j_0058.gif "alt=" j_ 0058.gif "/>650) this.width=650;" src= "Http://img.baidu.com/hi/jx2/j_0058.gif" alt= "J_0058.gif"/>650 " this.width=650, "src=" Http://img.baidu.com/hi/jx2/j_0058.gif "alt=" J_0058.gif "/>650" this.width=650; "src=" http ://img.baidu.com/hi/jx2/j_0058.gif "alt=" J_0058.gif "/>650" this.width=650; "src=" http://img.baidu.com/hi/jx2/j _0058.gif "alt=" J_0058.gif "/>650" this.width=650; "src=" Http://img.baidu.com/hi/jx2/j_0058.gif "alt=" j_0058.gif "/>650) this.width=650;" src= "Http://img.baidu.com/hi/jx2/j_0058.gif" alt= "J_0058.gif"/>650 "this.width=650;" Src= "Http://img.baidu.com/hi/jx2/j_0058.gif" alt= "J_0058.gif"/>650) this.width=650; " Src= "Http://img.baidu.com/hi/jx2/j_0058.gif" alt= "J_0058.gif"/>650) this.width=650; src= http://img.baidu.com /hi/jx2/j_0058.gif "alt=" J_0058.gif "/>650" this.width=650; "src=" Http://img.baidu.com/hi/jx2/j_0058.gif "alt=" J _0058.gif "/>650) this.width=650;" src= "Http://img.baidu.com/hi/jx2/j_0058.gif" alt= "J_0058.gif"/>650) this.width=650, "src=" Http://img.baidu.com/hi/jx2/j_0058.gif "alt=" J_0058.gif "/>650" this.width=650; "src=" http ://img.baidu.com/hi/jx2/j_0058.gif "alt=" J_0058.gif "/>650" this.width=650; "src=" http://img.baidu.com/hi/jx2/j _0058.gif "alt=" J_0058.gif "/>650" this.width=650; "src=" Http://img.baidu.com/hi/jx2/j_0058.gif "alt=" j_0058.gif "/>650) this.width=650;" src= "Http://img.baidu.com/hi/jx2/j_0058.gif" alt= "J_0058.gif"/>650 "this.width=650;" Src= "Http://img.baidu.com/hi/jx2/j_0058.gif" alt= "J_0058.gif"/>650) this.width=650; src= http://img.baidu.com /hi/jx2/j_0058.gif "alt=" J_0058.gif "/>650" this.width=650; "src=" Http://img.baidU.com/hi/jx2/j_0058.gif "alt=" J_0058.gif "/>650) this.width=650;" Src= "Http://img.baidu.com/hi/jx2/j_0058.gif" alt= "J_0058.gif"/>650) this.width=650, "src=" Http://img.baidu.com/hi/jx2/j_0058.gif "alt=" J_0058.gif "/>650" this.width=650, "src=" Http://img.baidu.com/hi/jx2/j_0058.gif "alt=" J_0058.gif "/>650" this.width=650; "src=" http ://img.baidu.com/hi/jx2/j_0058.gif "alt=" J_0058.gif "/>650" this.width=650; "src=" http://img.baidu.com/hi/jx2/j _0058.gif "alt=" J_0058.gif "/>

Method Two:

1. Generate Secret Key

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/8A/50/wKioL1gtWuCSrZI3AAA3-doNoB4576.jpg "style=" float: none; "title=" 507a.tmp.jpg "alt=" Wkiol1gtwucsrzi3aaa3-donob4576.jpg "/>

650) this.width=650; "src=" http://s5.51cto.com/wyfs02/M02/8A/54/wKiom1gtWuCQriKcAABLGZYhiLQ958.jpg "style=" float: none; "title=" 507b.tmp.jpg "alt=" Wkiom1gtwucqrikcaablgzyhilq958.jpg "/>

The passphrase is the key password to be used later.

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/8A/50/wKioL1gtWuHjaOzwAABWN8LsTq4277.jpg "style=" float: none; "title=" 507c.tmp.jpg "alt=" Wkiol1gtwuhjaozwaabwn8lstq4277.jpg "/>

650) this.width=650; "src=" http://s5.51cto.com/wyfs02/M01/8A/54/wKiom1gtWuHjk7s5AABSrnezNzM469.jpg "style=" float: none; "title=" 508d.tmp.jpg "alt=" Wkiom1gtwuhjk7s5aabsrneznzm469.jpg "/>

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/8A/50/wKioL1gtWuGR7242AABNj8siSZo277.jpg "style=" float: none; "title=" 508e.tmp.jpg "alt=" Wkiol1gtwugr7242aabnj8siszo277.jpg "/>

Remember the path

650) this.width=650; "src=" http://s5.51cto.com/wyfs02/M00/8A/54/wKiom1gtWuKDFljFAABelwrl6wI676.jpg "style=" float: none; "title=" 508f.tmp.jpg "alt=" Wkiom1gtwukdfljfaabelwrl6wi676.jpg "/>

2, the private key according to

The CRT 128 attribute authentication is found at this time

Select Public Key-Properties

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/8A/53/wKiom1gtTizzn9hyAACTn7VdgH8567.jpg "title=" 1c6d.tmp.jpg "style=" Float:none; "alt=" wkiom1gttizzn9hyaactn7vdgh8567.jpg "/>

Choose to use the session public key setting (the path here is D:\Documents, Identity)

Certificate selection The first step is downloaded to the local private key, OK

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/8A/4F/wKioL1gtTizijysUAABu3buJTQI383.jpg "title=" 5c7b.tmp.jpg "style=" Float:none; "alt=" wkiol1gttizijysuaabu3bujtqi383.jpg "/>

3. The public key is placed in the Authorized_keys

4. Connection

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M01/8A/50/wKioL1gtXJ7h6RgbAAAJyE22JeM377.jpg "title=" 1b50.tmp.jpg "alt=" Wkiol1gtxj7h6rgbaaajye22jem377.jpg "/>

This article is from the "Go Ultraman" blog, please be sure to keep this source http://dahui09.blog.51cto.com/10693267/1873914

Linux Server Setup Key verification login