版权声明:本文为博主原创文章,未经博主允许不得转载。 https://blog.csdn.net/tjjingpan/article/details/81773094
1、root用户登陆后,运行以下第一句指令,其他根据提示进行输入:
[root@localhost ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
99:46:6d:14:b1:92:9c:48:ab:d8:d7:3c:02:fd:12:8a [email protected]
The key's randomart image is:
+--[ RSA 2048]----+
| . +o |
| o + = . |
| . = * + |
| + + * = |
| E + + S |
| . + . |
| |
| |
| |
+-----------------+此时在/root/.ssh/目录下生成了2个文件,id_rsa为私钥,id_rsa.pub为公钥。私钥自己下载到本地电脑妥善保存(丢了服务器可就没法再登陆了),为安全,建议删除服务器端的私钥。公钥则可以任意公开。
2、使用以下命令将公钥导入到系统中:
[root@localhost ~]# cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys 3、修改SSH的配置文件/etc/ssh/sshd_config :
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
#AuthorizedKeysCommand none
#AuthorizedKeysCommandRunAs nobody4、保存后重启SSH服务。
[root@localhost .ssh]# service sshd restart5、使用私钥登录
A.SecureCRT使用私钥远程登录Linux。
打开“会话选项”,在“鉴权”选择“属性”,
在"会话设置",“使用微分或证书文件(E)”,选择生成的私钥,点确定。
输入“通过短语”,点确定。
