Shulou(Shulou.com)06/01 Report--

In this issue, the editor will bring you what are the two verification methods of sshd services in the Linux system. The article is rich in content and analyzes and describes for you from a professional point of view. I hope you can get something after reading this article.

Sshd=secure shell,SSH is the login tool of Linux system, which is now widely used in server login and all kinds of encrypted communication.

Introduction to sshd Services:

Sshd=secure shell

The shell service can be enabled in the host through the network

Two authentication methods for sshd services sshd services support two authentication methods:

1. Password authentication validates the login name and password of the local system user in the server. Easy, but it can be cracked by violence.

two。 Key pair verification requires matching key information to pass the verification. Typically, a pair of key files (public key, private key) are created in the client, and then the public key file is placed in a specified location on the server. When logging in remotely, the system will use the public key and private key for encryption / decryption association verification. Can enhance security, and can avoid mutual login. When both password authentication and key pair authentication are enabled, the server gives priority to key pair authentication. The verification method can be set according to the actual situation.

Vim / etc/ssh/sshd_config PasswordAuthentication yes # enable password authentication PubkeyAuthentication yes # enable key pair authentication AuthorizedKeysFile .ssh / authorized_keys # specify public KeyStore file 123456

3 create a key pair on the client side create a key pair file for the current user through the ssh-keygen tool. The available encryption algorithms are RSA, ECDSA, or DSA (the "- t" option of the ssh-keygen command is used to specify the type of algorithm).

Useradd admin echo "123123" | passwd-stdin admin su-admin ssh-keygen-t ecdsa Generating public/private ecdsa key pair. Enter file in which to save the key (/ home/admin/.ssh/id_ecdsa): # specify the location of the private key. Enter directly and use the default location Created directory'/ home/admin/.ssh'. # the generated private key and public key files are stored in the hidden directory under the host directory by default. Ssh / Enter passphrase (empty for no passphrase): # set the password for the private key Enter same passphrase again: # confirm that entering ls-l. SSH / id_ecdsa*#id_ecdsa is the private key file, and the permission defaults to 600 positivecdsa.pub, which is used to provide the private key file to the SSH server 1234567891011

4. Then create a new user admin and xiaoming on the client side to configure the key pair

5. Upload the public key file to the server # this method imports the public key text directly into the / home/zhangsan/.ssh/ directory of the server

Cd ~ / .ssh/ ssh-copy-id-I id_ecdsa.pub xiaoming@192.168.132.10 12

6. Use key pair authentication on the client side

7. Set the ssh proxy function in the client to achieve interactive login-free ssh-agent bash ssh-add Enter passphrase for / home/admin/.ssh/id_ecdsa: # enter the password of the private key ssh zhangsan@192.168.80.10 12345

These are the two verification methods of sshd service in Linux system shared by Xiaobian. If you happen to have similar doubts, please refer to the above analysis to understand. If you want to know more about it, you are welcome to follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.