Putty Key Verification Login

Last Update:2015-10-25 Source: Internet

Author: User

Tags syslog

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

Configuration method:

1. Use Puttygen to generate public and private keys under putty

2. Create the. SSH directory under the/root/directory

3. Create a Authorized_keys file in the. ssh directory and copy the generated public key into the file;

4. Change file permissions

. SSH (Authorized_keys) (600)

5. Turn off the firewall (SELinux and NetFilter (iptables))

Temporary shutdown:

SELinux-Setenforce 0

NetFilter-Iptables-f

Permanently closed:

SELinux--Edit configuration file/etc/selinux/config

Iptables---perform service iptables save after executing iptables-f (writes the temporary purge rule to/etc/sysconfig/iptables Save)

6. Client Configuration

Ssh->auth-> Select private key path, save Sessions->open

--------------------------------------------------------------------------------------------------------------- ---------------------------------------------------------

Step 2-5:

[[email protected] ~]# ls

Anaconda-ks.cfg Install.log Install.log.syslog

[[email protected] ~]# mkdir. SSH //create. SSH directory

[Email protected] ~]# ls-a

. .. Anaconda-ks.cfg. bash_history. Bash_logout bash_profile bashrc. CSHRC install.log install.log.syslog. SSH tcsh Rc

[[Email protected] ~]# CD. SSH

[email protected]. ssh]# VI authorized_keys //Create and edit the Authorized_keys file and save the public key to the file

[email protected]. ssh]# chmod 700.. /.ssh //Change directory Permissions

[email protected]. ssh]# chmod authorized_keys //Change file permissions

[email protected]. ssh]# Setenforce 0 //Temporarily turn off SELinux firewall

[[email protected]. ssh]# iptables-f //temporarily close iptables firewall

[[email protected]. ssh]# Service Iptables Save //Permanently close iptables Firewall (combined with temporary shutdown command)

Iptables: Save firewall Rules to/etc/sysconfig/iptables: [OK]

[email protected]. ssh]# vi/etc/selinux/config //Permanently shut down SELinux firewall

# This file controls the state of the SELinux on the system.

# selinux= can take one of these three values:

# Enforcing-selinux security policy is enforced.

# Permissive-selinux Prints warnings instead of enforcing.

# disabled-no SELinux policy is loaded.

#SELINUX =enforcing //change SELINUX from enforcing to disabled

Selinux=disabled

# selinuxtype= can take one of these the values:

# targeted-targeted processes is protected,

# Mls-multi level Security protection.

selinuxtype=targeted

[email protected]. ssh]#

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Login for Key verification:

Authenticating The prompt that is entered when the private key is generated with the public Key "study"//

Passphrase for Key "study": //Enter the password set when generating the private key

Last Login:sun Oct 05:01:30 from 192.168.2.1

--------------------------------------------------------------------------------------------------------------- --------------------------------------------------------------

Knowledge Points:

1. Create directory: mkdir

2. Change directory/file permissions: chmod

3, Inux with SELinux and netfilter two kinds of firewalls

Temporary/permanent closure of SELinux and Iptables methods :

Temporary shutdown:

SELinux-Setenforce 0

NetFilter-Iptables-f

Permanently closed:

SELinux--Edit configuration file/etc/selinux/config

Iptables---perform service iptables save after executing iptables-f (writes the temporary purge rule to/etc/sysconfig/iptables Save)

Other methods:

chkconfig iptables off setting iptables boot does not start

Service iptables stop shutdown iptables Services

4,/root/.ssh/authorized_keys can be placed in multiple public keys, if necessary, you can add a line to the upstream of the public key explanation

5. The public key is saved in the Authorized_keys file by default, but you can customize the file path in the/etc/sshd/sshd_config file

6, the key authentication is only used when the remote sshd login.

7, Enforcing-selinux security policy is enforced. (open state, default is this state)

Permissive-selinux prints warnings instead of enforcing. (also open, but no effect, just warning, Setenforce 0 is the state)

Disabled-no SELinux policy is loaded. (Off state)

Need to expand:

Check the data to understand the features of the two types of firewalls?

How do I turn on key verification without shutting down the firewall?

This article is from the "Quit Pride Quit" blog, please be sure to keep this source http://lijunjiang.blog.51cto.com/6905358/1706054

Putty Key Verification Login

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More