标签:
Linux:ssh-keygen -t rsa
[私钥 (id_rsa) 与公钥 (id_rsa.pub)]
Windows:SecurCRT/Xshell/PuTTY
[SSH-2 RSA 2048]
1 #生成SSH密钥对 2 ssh-keygen -t rsa 3 4 Generating public/private rsa key pair. 5 #建议直接回车使用默认路径 6 Enter file in which to save the key (/root/.ssh/id_rsa): 7 #输入密码短语(留空则直接回车) 8 Enter passphrase (empty for no passphrase): 9 #重复密码短语 10 Enter same passphrase again: 11 Your identification has been saved in /root/.ssh/id_rsa. 12 Your public key has been saved in /root/.ssh/id_rsa.pub. 13 The key fingerprint is: 14 aa:8b:61:13:38:ad:b5:49:ca:51:45:b9:77:e1:97:e1 root@localhost.localdomain 15 The key‘s randomart image is: 16 +--[ RSA 2048]----+ 17 | .o. | 18 | .. . . | 19 | . . . o o | 20 | o. . . o E | 21 |o.= . S . | 22 |.*.+ . | 23 |o.* . | 24 | . + . | 25 | . o. | 26 +-----------------+
| 也可以手动在客户端建立目录和authorized_keys,注意修改权限
1 #复制公钥到无密码登录的服务器上,22端口改变可以使用下面的命令 2 #ssh-copy-id -i ~/.ssh/id_rsa.pub "-p 10022 user@server" 3 ss h-copy-id -i ~/.ssh/id_rsa.pub root@192.168.15.241
1 #编辑sshd_config文件 2 vi /etc/ssh/sshd_config 3 4 #禁用密码验证 5 PasswordAuthentication no 6 #启用密钥验证 7 RSAAuthentication yes 8 PubkeyAuthentication yes 9 #指定公钥数据库文件 10 AuthorsizedKeysFile .ssh/authorized_keys
| 重启SSH服务前建议多保留一个会话以防不测
1 #RHEL/CentOS系统 2 service sshd restart 3 #ubuntu系统 4 service ssh restart 5 #debian系统 6 /etc/init.d/ssh restart
| 可以在== 后加入用户注释标识方便管理
1 echo ‘ssh-rsa XXXX‘ >>/root/.ssh/authorized_keys 2 3 # 复查 4 cat /root/.ssh/authorized_keys
转载 http://wsgzao.github.io/post/ssh/
标签:
原文地址:http://www.cnblogs.com/metasequoia/p/4634623.html