標籤:centos ssh配置使用方法
ssh有兩種串連方式
第一種:密碼認證串連方式
[[email protected] ~]# ssh [email protected] (服務端的ip斷行符號提示如下)
The authenticity of host ‘192.168.1.250 (192.168.1.250)‘ can‘t be established.
RSA key fingerprint is 75:f9:55:3b:da:0d:38:b2:c6:1b:e9:18:96:97:8a:2e.
Are you sure you want to continue connecting (yes/no)?(這裡輸入yes保證密鑰斷行符號)
Warning: Permanently added ‘192.168.1.250‘ (RSA) to the list of known hosts.
[email protected]‘s password:(輸入密碼斷行符號)
第二種:密鑰串連方式
[[email protected] ~]# ssh-keygen(啟動密鑰串連方式)
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): (保持密鑰的地方預設是保
存在目前使用者目錄下如需
修改,輸入保持地址)
Enter passphrase (empty for no passphrase): (是否使用密碼使用預設斷行符號)
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
e4:4d:4c:b7:e4:ec:07:d5:a7:f0:3c:a0:b0:1f:98:a1 [email protected]
The key‘s randomart image is:
+--[ RSA 2048]----+
| . o .. |
| oo =oo o|
| ..*o.== ..|
| Eo+oo. .= |
| S.... .. |
| . . |
| |
| |
| |
+-----------------+
密鑰產生之後進入.ssh/目錄會看到
[[email protected] ~]# cd .ssh/
[[email protected] .ssh]# ls
id_rsa id_rsa.pub known_hosts(id_rsa.pub)這個檔案就是密鑰認證檔案
[[email protected] .ssh]# ssh-copy-id -i id_rsa.pub [email protected](把密鑰發送給服務端)
[email protected]‘s password:(輸入服務端密碼)輸入斷行符號提示如下就成功了
Now try logging into the machine, with "ssh ‘[email protected]‘", and check in:
.ssh/authorized_keys
to make sure we haven‘t added extra keys that you weren‘t expecting.
備忘:如果系統裝或發生其它不能正常串連的情況把.ssh/目錄下的檔案刪除重新設定即可
如果想比較安全或控制使用者登入進入cd /etc/ssh會看到
[[email protected] .ssh]# cd /etc/ssh
[[email protected] ssh]# ls
moduli ssh_host_dsa_key ssh_host_key.pub
ssh_config ssh_host_dsa_key.pub ssh_host_rsa_key
sshd_config ssh_host_key ssh_host_rsa_key.pub
ssh_config這個是用戶端設定檔不用管,sshd_config這個是服務端設定檔修改這個就行
用vim開啟ssh_config
SyslogFacility AUTHPRIV
#LogLevel INFO
# Authentication:
#LoginGraceTime 2m
#PermitRootLogin yes(把這個改成no禁止用root登入)
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10
# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
PasswordAuthentication yes(打這個改成no不能使用密碼驗證)
Centos如何使用SSH遠端連線主機