https://blog.csdn.net/musuny/article/details/78507954
说明:阿里云ECS购买时选择使用密钥对登录,因此不能使用账号密码登录,在新分配的用户也必须使用密钥对登录,因此创建新的用户guest01并创建相应的密钥对文件,远程通过xshell来登录
1.新增一个用户组Guest
$ groupadd Guest2.在用户组Guest中创建一个用户guest并指定用户的目录为/home/guest/guest01
$ mkdir -p /home/guest
$ useradd guest01 -g Guest -d /home/guest/guest013.切换到guest用户并进入用户目录
$ su guest01
$ cd ~/4.使用如下命令创建密钥对文件,一路回车,无需输入
$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/guest/guest01/.ssh/id_rsa):
Created directory '/home/guest/guest01/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/guest/guest01/.ssh/id_rsa.
Your public key has been saved in /home/guest/guest01/.ssh/id_rsa.pub. The key fingerprint is: 6e:11:3e:55:66:4e:b6:72:4b:6f:ee:95:a6:a3:85:9d guest@aikafka The key's randomart image is: +--[ RSA 2048]----+ | * | | B . | | . o = | | . o + o | | S . o | | . o oo. .| | o . E.o.| | . .oo. | | ...o | +-----------------+5.将公钥文件重命名为authorized_keys
$ mv id_rsa.pub authorized_keys6.便于区分,也将私钥文件重命名
$ mv id_rsa id_rsa_guest01.pem7.将目录.ssh权限设置为700,公钥文件authorized_keys设置为644
$ chmod 700 ../.ssh/
$ chmod 644 authorized_keys8.由于此时guest的私钥文件还在服务器,远程还不能登录,因此切换回root用户将私钥文件下载到远程本地
9.使用xshell配置连接
连接>名称:guest01
连接>主机:47.96.28.236
连接>端口:22
用户身份验证>方法:Public Key
用户身份验证>用户名:guest01
用户身份验证>用户密钥>浏览>刚刚下载的id_rsa_guest01.pem>打开>选中刚刚导入的名为id_rsa_guest001的密钥>确定>确定
….
成功登陆
Connecting to 47.96.28.236:22...
Connection established.
To escape to local shell, press 'Ctrl+Alt+]'.
Last login: Sat Nov 11 18:15:36 2017 Welcome to Alibaba Cloud Elastic Compute Service ! [guest01@aikafka ~]$