ssh remote rsa login

Orca
Date : May 11, 2019
Categories : 折腾
Tags : Vps 登录 ,Image

为了VPS的安全以及远程连接方便，设置成使用SSH Key免密码登录

1.生成RSA密钥对

用SSH连接远程服务器后，执行下面命令：

ssh-keygen -t rsa

一路Enter即可


Generating public/private rsa key pair.

Enter file in which to save the key (/root/.ssh/id_rsa):

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /root/.ssh/id_rsa.

Your public key has been saved in /root/.ssh/id_rsa.pub.

The key fingerprint is:

SHA256:vO61YRuS6arVT7omHaN2WZg8PQZy7TzukG8Wf0lNZxk root@ubuntu1804

The key's randomart image is:

+---[RSA 2048]----+

|                 |

|               E |

|         .      o|

|      ..o .    .+|

|       +SB     +.|

|       .B=X   . .|

|      .oOO*= . . |

|     .+o=X+=. o  |


|    .o.**=*  .   |

+----[SHA256]-----+

修改 id_rsa.pub 文件为 authorized_keys

mv id_rsa.pub authorized_keys

将 id_rsa 复制到客户端, ftp传输或者cat显示输出后复制粘贴到本地文档.

2.修改sshd_config配置, 禁用密码登录开启rsa免密登录

vim /etc/ssh/sshd_config

找到如下几项, 修改成如下所示

PermitRootLogin yes

AuthorizedKeysFile     .ssh/authorized_keys

RSAAuthentication yes

PubkeyAuthentication yes

3.安全起见,修改.ssh目录权限, 重启sshd服务使配置生效

chmod 700 ~/.ssh

chmod 600 ~/.ssh/authorized_keys

systemctl restart sshd