The method of opening SSH key login for VPS server of Linux system

For VPS Security, I opened the VPS SSH key login settings, through the Goole search data, the operation was successful. The following is an action record. This assumes that as root, the IP of the VPS is 192.168.0.1

The first step: the creation of a secret key, the keys

Basically the VPS is the SSH password landing, the first is to create a secret key, divided into public key and private key, the public key is placed on the VPS, the private key to their own here, used for their own remote login, the creation of secret key methods have a variety of

　The first of the simplest, that is, through the VPS itself to generate secret key

The code is as follows:

#ssh-keygen-t RSA//Here is the same as generating public and private keys

The following is the output produced after the input command:

The code is as follows:

Generating public/private RSA key pair.

Enter file in which to save the key (/ROOT/.SSH/ID_RSA)://Here is the secret key storage location, direct return

Created directory '/root/.ssh '. Create/root/.ssh by default to save secret keys

Enter passphrase (empty for no passphrase)://Enter the key password, you can return directly

Enter same passphrase again://duplicate key password, you can enter directly

Your identification has been saved In/root/.ssh/id_rsa. Tip the public and private keys are already stored in the/root/.ssh/directory

Your public key has been saved in/root/.ssh/id_rsa.pub.

#cd/root/.ssh/

# ls

Id_rsa.pub Id_rsa//You can see two secret keys, save these two, and copy the private key to the local

#mv id_rsa.pub Authorized_keys//Rename the public key to Authorized_keys

#chmod 600/root/.ssh/authorized_keys//Modify secret key permissions, 600 means that the owner has RW permissions

Of course, if the local itself is a Linux generated secret key, to the public key copy to the VPS, and modify the name and permissions

#scp id_rsa.pub Root@192.168.10.1:/root/.ssh

#mv id_rsa.pub Authorized_keys//Here is to change the name, is in the/ROOT/.SSH directory operation

The second method

Use Xshell to generate secret keys. Here strongly recommend xshell+xftp, very easy to use, can be the same as the management of multiple VPS, support multiple shell windows

　　Step two: Login with secret key

Because we are ready to test SSH key landing, to see if the setting is successful, if not successful can also login password, so the modified must be tested, for the VPS provider to provide console, it can be arbitrary, after all, there are console can be used, if not, suggest testing first, I just forgot to add another administrator account, and I also forbid the root remote login, resulting in all clients are not landing, fortunately I have the console, modify the Sshd_config configuration, allow root remote login, just finished, the following is equivalent to landing test.

First, you can use WINSCP to copy the public key to the remote Linux server that VPS, remember to change the name to Authorized_keys

With the private key and the public key on the VPS pair, the matching success on the landing.

You must modify the/etc/ssh/sshd_config file to change the values after Rsaauthentication and pubkeyauthentication to Yes, save

The code is as follows:

#/etc/init.d/sshd Restart//Restart SSHD service, mine is CentOS

There are many kinds of login with secret key, see what client you like to use,

The first, is to use Putty landing, with putty landing a bit to note is to convert the secret key, we can refer to the military-Columbia tutorial. Special attention to the problem is that the Putty official website of the Puttygen conversion of the secret key problems, landing time will appear "Server refused our key" error.

The solution is to use the WINSCP official website Download WINSCP installation program with the Puttygen to convert the secret key, it can be normal landing.

My reprint of the PUTTY,WINSCP tutorial, suitable for beginners

The second type, landing with Xshell. I use Xshell, you can refer to the military and the elder brother tutorial

The third, the use of Linux landing VPS

The code is as follows:

#chmod Id_rsa//Change the local private key to RW permissions

#ssh Root@192.168.0.1/root/id_rsa//id_rsa is the private key, written according to its own private key path

　　Three kinds of landing process may prompt you to fill in the secret key password, fill in on the login can be successful.

After testing SSH key login successfully, you can set up some more secure configuration, such as

The code is as follows:

Passwordauthentication no//means no password login

Permitrootlogin No//indicates no root remote login