In Linux systems, SSH (Secure Shell) is a secure remote login protocol. In order to improve the security of system access and reduce the trouble of entering a password every time you log in, you can access the remote host through password-free login. This article will introduce how to use SSH public key authentication to achieve password-free login to the Linux system.
1. Create SSH secret
First, generate an SSH key pair on the local machine, including private key and public key.
ssh-keygen -t rsa -b 2048
After running the above command, you will be prompted to select a location to save the key and set a password. If you want to log in completely without a password, you can just press Enter and leave the password blank.
2. Copy the public key to the target host
After generating the key pair, you need to copy the locally generated public key to the remote target host. You can use the following command to copy the public key to the target host's file. ~/.ssh/authorized_keys
ssh-copy-id username@remote_host
Be sure to replace username and remote_host with your actual username and remote host address. After executing the above command, you may be asked to enter the password of the target host.
3. Verify password-free login
After completing the above steps, you should be able to log in without a password via SSH.
ssh username@remote_host
If everything is set up correctly, the system will log directly into the target host without entering a password.
4. Advanced SSH arrangement
In order to improve the security of SSH, you can modify the SSH server configuration file (/etc/ssh/sshd_config).
sudo nano /etc/ssh/sshd_config
Make sure the following configuration is enabled:
PermitRootLogin no
PasswordAuthentication no
Then restart the SSH service:
sudo service ssh restart
This configuration can disable the root user's direct login, disable password login, and only allow public key authentication login, improving system security.
5. Caution 项
- When copying the public key to the target host, please ensure that the
~/.ssh/directory of the target host exists. If it does not exist, create it manually. - Make sure the permissions on the private key file (
~/.ssh/id_rsa) are set to 600 to protect the security of the private key. - Replace SSH key pairs regularly to enhance system security.
Through the above steps, you have successfully implemented SSH password-free login on the Linux system. This not only improves the security of the system, but also improves the convenience of login. Especially in terms of remote management and automated script execution, password-free login will greatly simplify the operation process.