添加用户:
useradd yang
生成秘钥
[yang@localhost /]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key(/home/yang/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):123456
Enter same passphrase again: 123456
Your identification has been saved in/home/yang/.ssh/id_rsa.
Your public key has been saved in/home/yang/.ssh/id_rsa.pub.
The key fingerprint is:
1d:1d:97:0c:c0:40:8f:a4:1a:b9:93:71:03:7a:d4:bayang@localhost.localdomain
The key's randomart image is:
+--[ RSA 2048]----+
| o. .+o..oo.. |
| oo.o o.. oo |
| .=.+ . o . |
| ..B . . . |
| =. S . |
| E. |
| |
| |
| |
+-----------------+
修改权限:
[root@localhost yang]# chmod 700 .ssh
[root@localhost yang]# cd .ssh
[root@localhost .ssh]# ll
总用量 8
-rw------- 1 yang yang 1743 7月 14 03:22 id_rsa
-rw-r--r-- 1 yang yang 408 7月 14 03:22 id_rsa.pub
[root@localhost .ssh]# mv id_rsa.pubauthorized_keys
[root@localhost .ssh]# chmod 600authorized_keys
将私钥拷贝出来
修改ssh配置文件
Vim /etc/ssh/sshd_config
42: PermitRootLogin no #禁止root登陆
47:RSAAuthentication yes #RSA验证
48:PubkeyAuthentication yes #公钥验证
49: AuthorizedKeysFile .ssh/authorized_keys #加载秘钥
66: PasswordAuthentication no #禁止密码登录
重启ssh
Service sshd restart
Xshell登录
导入刚拷贝的私钥
输入密码登录
本文转自2013yang 51CTO博客,原文链接:http://blog.51cto.com/yangeinstein/1673886,如需转载请自行联系原作者