Two ways to generate keys in Linux

Two ways to generate keys in Linux

The SSH service supports a security authentication mechanism, that is, key authentication. The so-called key authentication, is actually using a pair of cryptographic strings, a public key (PublicKey), anyone can see its content for encryption, and the other is called the key (Privatekey), only the owner can see, for decryption. Ciphertext encrypted with a public key can be easily decrypted using a key, but it is difficult to guess the key based on the public key. SSH's key authentication is the use of this feature. Both the server and the client each have their own public key and key. How do I log on to a Linux server using key authentication?

Before using key authentication to log in to Linux remotely, let's talk about two ways to generate a key:

Method One: Use the puyttygen.exe key generation tool.

2. Download the Generate Key tool

   Full Package http://the.earth.li/~sgtatham/putty/latest/x86/putty.zip after download, where Puyttygen.exe is the key generator we need to use.

4. generate key pair

   Double-click Puttygen.exe, the lower right corner "number of bits in a generated key" change "1024" to "2048", then click "Generate", so you start to generate the key, please move the mouse, so that you can quickly generate Key pair, which was completed in about more than 10 seconds. "Key Comment:" Here can remain unchanged and can be customized, in fact, is a simple introduction to the key; "Kye passphrase:" Here to give you the key to set the password, so secure some, of course, can also be left blank, Amin suggest you set a password; "Confirm Passphrase: "Enter the password you just set again."

6. Save private key

   Click "Save Private Key", select a storage path, define a name, and click "Save". Please keep it in a safer place, beware of losing it or being seen by others.

7. Copy the public key to Linux

   Back to the window where the key was generated, there is a long string below "key", which is the contents of the public key and copies the entire public key string. Then paste it into your Linux /root/.ssh/authorized_keys file.

   [Email protected] ~]# MKDIR/ROOT/.SSH

   [Email protected] ~]# chmod 700/root/.ssh

   first create the/root/.ssh directory, because this directory does not exist by default, and then change the permissions. the public key content is then pasted into the/root/.ssh/authorized_keys file.

   Description: Remember to turn off the firewall!

8. Set Putty to login via key

   Open Putty.exe Click on your saved session, then click on the right side of the "Load", on the left, click on the "SSH" front of the + and then select "Auth", see the right "Private key file for authentication:" The bar below is currently empty, click "Browse", find the private key we just saved, click "Open". At this point the box has the address of the private key, and of course you can edit the path yourself. Then go back to the left, click on the top "Session", and then click "Save" on the right. Use key verification to log in to Linux after you save the session, click on the "Open" at the bottom right. The landing screen appears, you will find that the original landing prompt content is different.

   [[email protected] ~]# ssh 192.169.5.74

   Last login:wed-15:14:25 from 192-169-5-121-static.despegar.net

   [Email protected] ~]#

   Now no longer enter the root password, but need to enter the password of the key, if you have not set the password before the production key, you enter the root will be directly logged into the system.

Method two: Using scripts

2. The script reads as follows:   

   [email protected] kewai]# cat gen-sshkey.sh

   #!/bin/bash

   Ssh-keygen-t rsa-p '-F '/root/.ssh/id_rsa '

   Description: This script is automatically generated public key private key, without human intervention press ENTER to confirm each step!

3. If you send the public key generated by the above script to another server, you should rename it to Authorized_keys, which is the following command:

   # # #先远程拷贝过去 # #

   [email protected]. ssh]# scp/root/.ssh/id_rsa.pub [Email protected]:/root/.ssh/

   # # #再重命名 # #
   

   [email protected]. ssh]# MV Id_rsa.pub Authorized_keys

   This allows you to login to the system by logging into the Eee remotely on the Ceshiji and then entering root.

This article is from the "Hand of the Paladin Control" blog, please make sure to keep this source http://wutengfei.blog.51cto.com/10942117/1956792

Two ways to generate keys in Linux