版权声明:本文为博主原创文章,未经博主允许不得转载。 https://blog.csdn.net/xu622/article/details/82764448
Linux服务器设置SSH登陆
制作linux服务器密钥对
[exchange@localhost ~]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/exchange/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/exchange/.ssh/id_rsa.
Your public key has been saved in /home/exchange/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:HwO0jv+tPpO9vfNkGk5qsnWw67UhtdlAB4zqKy3X1Jk [email protected]
The key's randomart image is:
+---[RSA 2048]----+
| . o. |
| . . . .. |
| o . . .|
| o .. . . |
| . S.o ..oo |
| . ..o.+E= |
| ...*+ O +|
| o.Oo+X.B |
| ==O*.*+.|
+----[SHA256]-----+
再打开
[exchange@localhost ~]$ cd ~/.ssh
[exchange@localhost .ssh]$ ls
authorized_keys id_rsa id_rsa.pub
[exchange@localhost .ssh]$ ll
total 12
-rw-------. 1 exchange exchange 747 9月 11 18:17 authorized_keys
-rw-------. 1 exchange exchange 1679 9月 18 20:46 id_rsa
-rw-r--r--. 1 exchange exchange 412 9月 18 20:46 id_rsa.pub
这里有两种做法
1.将服务器公钥导入到 authorized_keys 中,将私钥下载到客户端,通过工具连接。
[exchange@localhost .ssh]$ cat id_rsa.pub >> authorized_keys
把 id_rsa 下载下来
2.电脑端生成 ssh-key,将公钥发给管理员加到 authorized_keys 文件中。
上述两种方法都可以
修改权限
[exchange@localhost .ssh]$ chmod 600 authorized_keys
[exchange@localhost .ssh]$ chmod 700 ~/.ssh
#修改SSH配置
[exchange@localhost .ssh]$ sudo vim /etc/ssh/sshd_config
主要是以下三个:
RSAAuthentication yes # 启用 RSA 认证
PubkeyAuthentication yes # 启用公钥认证
PermitRootLogin yes # 允许root用户ssh登陆
最后重启SSH服务
[exchange@localhost .ssh]$ service sshd restart
保存之后就可以用ssh 直接登陆了,特别是电脑装的linux系统,用ssh命令不用输入密码,很方便。windows下的ssh 客户端很多,可能感觉不出来这种方式的便捷。