If it is generated locally, you need to save the public key and copy the content of the public key to the authorized_keys file on the server
The putty tool uses:
Fill in the basic server information
Username input
Add a key to facilitate direct login
In the last step, if the key has not been generated or there is no key, you can leave it blank, so you can enter the password in the command line after opening it.
Personal key command line generation: ssh-keygen -t dsa
The password item is generally entered directly, so that the effect of direct password-free login can be achieved.
Generated file (id_dsa/id_dsa.pub)
Password-free login:
If you want server A to log in to server B without password, you can generate a key file on server A and write the public key content of server A in the authorized_keys file of server B. Or run ssh-copy-id B server ip on A server.
If you log in to the A server under win, you can generate a key file on the A server, write the content of the public key to the authorized_keys file of the A server, and put the private key in win for local processing (using putty), or you can directly use puttygen to generate the key file and then Write the content of the generated public key to the authorized_keys file of the A server, and then use putty to log in.
ssh remote login related:
Configuration file address: /etc/ssh/sshd_config (after changing the configuration, remember to run service sshd restart to make the configuration take effect)
ListenAddress is used to set the IP address bound to the sshd server
Port is used to set the port that sshd listens on. For security reasons, it is recommended to change the default port 22 to an unfamiliar port with more than 5 digits.
PasswordAuthentication is used to set whether to enable the password authentication mechanism. If the password is used to log in to the system, set yes
PubkeyAuthentication is used to set whether to enable public key authentication. If you use public key authentication to log in, set it to yes
RSAAuthentication is used to set whether to enable RSA key authentication, only for SSH1
If you set up ssh login, you need to set both PubkeyAuthentication and RSAAuthentication to yes
Add a configuration when you want a user to be able to log in with a password but not others: Match user username PasswordAuthentication yes
When you want a user to be able to log in with a password but not other users, you can add configuration (the following ip is an example, you can change it according to your needs): Match address 192.168.1.1/24 PasswordAuthentication yes
User related:
User addition (add user test and set the user directory to /home/test): useradd -d /home/test -m test
User password change (change the test user's password): passwd test
Enter the password twice after running.
Ordinary users run root privilege operations:
Add sudo before the current command executes the command Example: sudo ls
