Environmental description
We have a server A, and a server B, a total of two
We log in to server A, and then log in to server B on server A.
If you log in with an account password, you need to enter the password every time.
We can log in without password by using ssh key authentication.
start
Perform the following steps on server B
- Create an authorized_keys file on your Linux server so that you can add your public SSH key to the file so you can access the server with SSH key authentication.
To create an authorized_keys file, you can follow these steps:
- Open a terminal and log into your Linux server.
- Go to your home directory, if it does not exist, you can create it with the following command:
mkdir -p ~/.ssh
- Create the authorized_keys file with the following command:
touch ~/.ssh/authorized_keys
- Open the authorized_keys file with a text editor such as vi or nano, copy your public SSH key into the file and save it.
- To ensure that the permissions on this file are correct, set the permissions on the authorized_keys file to 600 with the following command:
chmod 600 ~/.ssh/authorized_keys
After completing the above steps, your SSH public key has been added to your Linux server, and you can use SSH key authentication to access the server.
Perform the following steps on server A
- Generate key pair:
$ ssh-keygen -t rsa -b 2048
or use the following command
ssh-keygen -t rsa -b 4096 -C "[email protected]"
After execution, two files, id_rsa and id_rsa.pub, will be generated in the ~/.ssh/ directory. Among them, id_rsa is the private key, which needs to be kept properly, and id_rsa.pub is the public key, which needs to be placed on the remote server for authentication.
- Add the public key to the remote server:
Copy the content of the public key id_rsa.pub to the ~/.ssh/authorized_keys file of the remote server, which can be achieved with the following command:
$ ssh-copy-id user@remote-server
This command will add the local public key to the authorized_keys file on the remote server, or create it automatically if it does not exist. Before executing this command, please ensure that the permission of the ~/.ssh/ directory on the remote server is 700, and the permission of the authorized_keys file is 600.
Done, test connection
- Test connecting to the server with the following command:
ssh -i /path/to/private/key username@server_ip
Among them, /path/to/private/key is your private key file path, username is the username of the server, and server_ip is the IP address or domain name of the server.
- If the connection is successful, you will see a message similar to the following:
Welcome to Ubuntu 20.04 LTS (GNU/Linux 5.4.0-53-generic x86_64)
或者
Last login: Tue Feb 21 09:54:26 2023 from ****
- Log out after successful login:
You can use
exit命the command to exit. If you are usingssha client, you can use the menu or command to close the connection, depending on the client. Generally, you can use the shortcut key“Ctrl + D”or“Ctrl + C”to exit the connection.