SSH service supports a security authentication mechanism, that is, key authentication. The so-called key authentication, in fact, is to use a pair of encrypted strings, one called the public key, which anyone can see its contents, used for encryption, and another called The secret key (private key), which only the owner can see for decryption. Ciphertext encrypted with public key can be easily decrypted using a secret key, but it is difficult to guess the key based on the public key. SSH's key authentication is the use of this feature. Both the server and the client have their own public keys and keys. How to use key authentication to log on to a Linux server?
First, use the tool Puttygen. EXE to generate the key pair. When you open the tool PUTTYGEN.EXE, the following illustration shows:
The tool can generate three formats of key:ssh-1 (RSA) SSH-2 (RSA) SSH-2 (DSA), and we use the default format, SSH-2 (RSA). Number of bits in a generated key this refers to the size of the generated key, the larger the value, the more complex the generated key, the higher the security. Here we write 2048.
Then click Generate to start generating the key pair:
Note that the mouse is moving back and forth during this process, otherwise the progress bar will not move.
Here, the key pair has been generated. You can enter a password for your key, which (in key passphrase) can also be left blank. Then point save Public key saves the key, and the point save private key saves the key. I suggest you put in a safer place, one to prevent others peeping, and secondly to prevent accidental deletion. The next step is to set up on the remote Linux host.
1 Create directory/root/.ssh and set permissions
The code is as follows:
[Root@localhost ~]# mkdir/root/.ssh mkdir
command is used to create a table of contents, which will be described in detail and only temporarily.
The code is as follows:
[Root@localhost ~]# chmod 700/root/.ssh chmod
Commands are used to modify file property permissions, which are described in detail later.
2) Create File/Root/.ssh/authorized_keys
The code is as follows:
[Root@localhost ~]# Vim/root/.ssh/authorized_keys Vim
The command is the command to edit a text file, which is also described in detail in subsequent chapters.
3 Open the Public key file that you just generated, it is recommended to open it with WordPad, so look comfortable, copy everything from AAAA beginning to "----End SSH2 Public key----", paste it into/root/.ssh/authorized_ Keys file, make sure that all characters are Fu Yai in one line. (You can copy the copied content to Notepad, and then edit it into a line to paste into the file.) Here to briefly introduce, how to paste, with vim open that file, the file does not exist, so vim will automatically create. Press the letter "I" and then press SHIFT + Insert to paste (or click the mouse mail) if it has been copied to the Clipboard. When you paste it, move the cursor to the front of the line, enter Ssh-ras, and then press the space. Press ESC again, and then enter a colon wq that is: Wq is saved. The format is shown below:
4 and then set the Putty option, point window to the left of the Ssh–> Auth, click on the right side of the browse window ... Select the private key just generated, then click Open, and then enter root, you do not have to enter the password can log in.
If you set the key passphrase in front of you, you will be prompted to enter the password at this time. To be more secure, we recommend that you set a key passphrase.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
