SSH login provides two authentication methods: password (password) authentication and key authentication. Among them, the password (password) authentication method is the most commonly used one. Here we introduce the method of logging in to linux / unix by key authentication .
Using the key to log in is divided into 3 steps:
1. Generate the key (public key and private key);
2. Place the public key (Public Key) in the server ~/.ssh/authorized_key file;
3. Configure the ssh client to use the password key to log in.
1. Generate the public key (Public key) and the private key (Private Key)
Open Xshell, click "tools" in the menu bar, and select "User Key Generation Wizard..." in the pop-up menu, as shown below:
The "User Key Generation Wizard" dialog box pops up, select "RSA" public key encryption algorithm in the "Key Type" item, and select "2048" bit key length for "Key Length", as shown below:
Click "Next" and wait for the key to be generated:
Continue to the next step, enter the file name of the Key in "Key Name", here is "key"; enter a password at "Passphrase" to encrypt the private key, and enter the password again to confirm, as shown below:
Click "Next", the key generation is completed (Public key Format select SSH2-OpenSSH format), here is the public key, we can copy the public key and save it, or directly save the public key to a file, as shown below. The private key is not displayed here and can be exported to a file in "User Key Manager...":
Click the "Save as file..." button to save the public key to the disk, the file name is "key.pub" for backup.
2. Upload the public key to the server:
Use Xshell to log in to the server, go to the " /root/.ssh/ " directory, run the rz command (if there is no rz command, run yum install lrzsz to install), send key.pub to the server, and then run the following command to Import the public key into the "authorized_keys" file:
- [root@localhost ~]# cd /root/.ssh/
- [root@localhost .ssh]# rz
- rz waiting to receive.
- [root@localhost .ssh]# cat me.pub >> authorized_keys
- [root@localhost .ssh]# chmod 600 authorized_keys
- [root@localhost .ssh]# ls
- authorized_keys known_hosts me.pub
- [root@localhost .ssh]# cat authorized_keys
- ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA4VCOWFrARc1m3MfEAL50v2Z2siavO3Ijpr/LZ00EZah8EjfZhqjAc/agkljyXmNGpVDpRdtlYco8h3P5vegXOEgKcX74fDYm0vNdVABVD1XSD8ElNyLTCCNk7rZJbi3htJox3Q1n0vnMmB5d20d9occkAx4Ac94RWNS33EC5CszNTMgAIn+uZl0FlQklS1oSyWFahSTWyA6b33qG7Y5E4b6J/caObnPx6EgtBrgi97gXJHZWyYlGrpWmUuhPqs5XToRB08CVxAyzewtq1MXv0p+Po4L1pbHLRf+TSoZ5RSBZZjY4/JMAzdXHNtnAyO0j0VNGbBXKUcNSAHZ
3. Configure Xshell to log in to the server using key authentication:
Open Xshell, click the "New" button, and the "New Session Properties" dialog box will pop up. In the "Connection" column, enter the IP address and port of the Public Key just configured, as shown in the following figure:
Click "Authentication" on the left, switch to the authentication column, select "Public Key" authentication in "Method", enter "root" for the user name (the public key is placed in the .ssh folder in the root directory), in "User" Select the private key "key" we just generated in "Key", and enter the encrypted password of the private key in "Passphrase".
Click OK, Xshell configuration ssh password-free login configuration is complete.
Addendum: linux ssh-keygen command to generate keys:
In fact, the key can also be generated under ssh-keygen under linux, enter ssh-keygen -t rsa under linux, and at the prompt, enter the name of the key (here is key) and the private key encryption password, which not only completes the key generate. In the two generated files, "key" is the private key, and "key.pub" is the public key. As shown below:
