RSA Authentication login SSH in Linux

Method One,

Sometimes need to login ssh, each need to enter a password, will be more cumbersome. So set up to use RSA public key authentication way to log on to Linux.

First you need to set up/etc/ssh/sshd_config on the server side

# Vim/etc/ssh/sshd_config

Modify the following two behavior yes. In fact, most of the cases do not change, the default is yes.

Rsaauthentication Yes

Pubkeyauthentication Yes

(1) If both the client and the server are Linux machines, then we use the following method: (the 2nd section below mentions how to generate a key pair using putty under windows)

We need to generate an RSA key pair on the client. Using the Ssh-keygen command:

# ssh-keygen-t RSA

The parameter t means type, followed by the encryption type, where we are RSA.

Then you will be prompted to enter the key to save the file name, here we need to use the default Id_rsa, before we can log in normally. If you generate a key for other purposes, you can name it another:

Generating public/private RSA key pair.

Enter file in which to save the key (/HOME/CAKE/.SSH/ID_RSA):

Then you will be prompted to enter a passphrase, we can leave this blank, so that when we log in, we are not allowed to enter the password.

Enter passphrase (empty for no passphrase):

Enter same Passphrase again:

You will then be prompted for a successful key generation. This is your private key saved as ~/.SSH/ID_RSA, your public key is ~/.ssh/id_rsa.pub

What we need to do now is to put the id_rsa.pub content, add the server end of the ~/.ssh/autherized_keys file to the end.

You can upload this file to the server side and then use the command:

# cat Id_rsa.pub >> ~/.ssh/autherized_keys

It's done here.

(2) Generate a key pair using putty under Windows:

There is a Puttygen.exe program under the Putty installation directory, we run this program.

Then click Generate to start generating the key pair. We need to follow the prompts to randomly slide the mouse in the specified box. This is to generate some random data based on the mouse trajectory.

After the build ends, we click Save private key to store the private key in a directory. Then assign the entire contents of the top text box to the end of the Autherized_key on the Linux server side.

We can now close this applet.

Now open putty, in the left-hand option, select Conneciton–ssh–auth, and in private key file for authentication, select the private key path you just saved.

At this point, putty can also log in without a password.

Method Two

Using Linux host-generated keys

1. Generate key

[Root@www.111cn.net. SSH] #ssh-keygen-t RSA

Generating public/private RSA key pair.

Enter file in which to save the key (/ROOT/.SSH/ID_RSA):

Enter passphrase (empty for no passphrase):

Enter same Passphrase again:

Your identification has been saved In/root/.ssh/id_rsa.

Your public key has been saved in/root/.ssh/id_rsa.pub.

The key fingerprint is:

E4:9a:47:a7:b4:8a:0b:98:07:b8:70:de:6b:16:2c:0croot@www.111cn.net

2, will/root/.ssh/id_rsa.pub renamed as/root/.ssh/authorized_keys

[Root@www.111cn.net. ssh] #mv/root/.ssh/id_rsa.pub/root/.ssh/authorized_keys

3, the private key ID_RSA copy to the remote client

1, if the remote client is Linux, copy to the remote client/root/.ssh/can

2), putty as a remote client in

Putty does not recognize private keys that are copied directly from the server, and requires the use of Puttygen.exe for format conversion

(1), open Puttygen.exe--> conversions--> Import Key

(2), select the copy of the private key file Id_rsa

(3), save private KEY->ID_RSA.PPK (save private key)

4, open Putty.exe

1, Session--> Host name (fill in the server address or domain name)

2), Connection--> SSH--> Auth (Point Browse Select just generated ID_RSA.PPK)

3), open

After successful opening, the following prompts appear:

Login As:root

Authenticating with public key "Imported-openssh-key"

----------------------------------------------------------------------------------

Of course you may encounter this error [because I met, hehe]:

Permissions 0755 for ' You configure the public key file path ' are too open.

This is because there are some problems with the permissions set for these files.

Execute command: chmod 600 your file