Shulou(Shulou.com)06/02 Report--

Description: today came a small partner, because of business needs, to log in to a test system, asked me what the password is, I said that I configured the key login, it is estimated that he is not very familiar with, so I briefly demonstrated the configuration process to show him, by the way, also recorded the whole configuration process.

1. The principle of key login system

About the configuration principle, you can refer to https://help.aliyun.com/knowledge_detail/41493.html, now Ali Yun's official document is very detailed, I do not want to paste and copy it.

2. Server configuration process

A) generate a key pair (here I'm just doing a test, so just enter all the way)

[root@LVS-DR02 ~] # ssh-keygen-t rsaGenerating public/private rsa key pair.Enter file in which to save the key (/ root/.ssh/id_rsa): Created directory'/ root/.ssh'.Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in / root/.ssh/id_rsa.Your public key has been saved in / root/.ssh/id_rsa.pub.The key fingerprint is:ce:6a:a7:fc:e6:d4:f4: 21:98:5c:3b:f1:03:01:9d:7a root@LVS-DR02.saltstack.comThe key's randomart p_w_picpath is:+-- [RSA 2048]-+ | .o.. | | o. |. + | |.. + E = | S.= + | | o + o | | +. . |.. oo | |. + * o | +-+ |

B) check the location of the key (default is under .ssh in the home directory) *:

[root@LVS-DR02] # cd / root/.ssh/ [root@LVS-DR02 .ssh] # lltotal 8murr RW-1 root root 1679 Jun 26 20:13 id_rsa-rw-r--r-- 1 root root 409 Jun 26 20:13 id_rsa.pub

C) set up the Linux host:

Copy id_rsa.pub to authorized_keys and put it in the directory [root@LVS-DR02 .ssh] # cat id_rsa.pub > > authorized_keys of the linux host to be logged in.

D) set ssh service parameters

Certificate authentication support is enabled by SSH service by default. Edit the SSH service profile (default is / etc/ssh/sshd_config) and make sure that the following parameters are not shown and set to no. Otherwise, change the parameter value to yes, or delete or comment the entire line configuration (add a # sign at the beginning).

[root@LVS-DR02 .ssh] # vim / etc/ssh/sshd_config uncomment the following two lines # RSAAuthentication yes#PubkeyAuthentication yes

E) download the private key to the remote computer (public key is equivalent to lock, private key is equivalent to key)

[root@LVS-DR02 .ssh] # sz-y id_rsa

3. Configuration of the client

A) enter the login interface of xshell as shown in the figure below

B) choose Public Key-based login authentication

C) Import key

D) Select Import

E) here we rename the id_rsa previously imported from the server sz-y to LVS-RS02, mainly to correspond to different services

F) so that we can easily log in to the system

Supplementary method:

1) generate a key under the xshell of windows

2) Select the default RSA key type and keep the key length to 2048

3) the process of generating a key pair

4) the default key name is id_rsa_2048

5) in order to avoid entering the password every time I log in, I keep the password blank here.

6) Save the copied public key

7) copy the public key to the server's .ssh directory

[root@LVS-DR01 .ssh] # cat id_rsa_2048.pub ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAzoNEC5+T6dl+p5nD78/SPcqdFPecSNVHF7R6FhY0cxCHDSWUTORU4isGIRJOwmr3o+7kgpY8o4ACw8FgYY2xt3jjFo8t1xlcnKZ4s0VxyqRrVFe4xZa2dGxyaQ6q13Bwno+yE93+nfXK2W1+aBDuouGgaFX2av9lGWJqfzXoHh+yKATF367ErnUBIQbM0N/rPBzggxtyKCHekOu1605Fie/xcQTZJbvm2dkCwMJg1gx2B4qgBKIbLi+Q== [root@LVS-DR01 .stotal 16 RW-1 root root 1675 Jun 29 09:46 id_rsa-rw-r--r-- 1 root root 380 Jun 29 16:14 id_rsa_2048.pub-rw-r--r-- 1 root root 409 Jun 29 09:46 id_rsa.pub-rw-r--r-- 1 root root 976 Jun 29 09:48 known_ hosts [root @ LVS-DR01 .ssh] # ls-latotal 20drwx-2 root root 80 Jun 29 16:15 .dr-xr-x---. 18 root root 4096 Jun 29 15:50.-rw- 1 root root 1675 Jun 29 09:46 id_rsa-rw-r--r-- 1 root root 380 Jun 29 16:14 id_rsa_2048.pub-rw-r--r-- 1 root root 409 Jun 29 09:46 id_rsa.pub-rw-r--r-- 1 root root 976 Jun 29 09:48 known_hosts saves the public key content to the authorized_keys file Set file permissions to 600 [root@LVS-DR01 .ssh] # cat id_rsa_2048.pub > > authorized_ Keys [root @ LVS-DR01 .ssh] # chmod 600 authorized_keys

8) login verification

9) use the user's key

10) Select authentication method

11) successful login

Connecting to 10.10.10.101:2222...Connection established.To escape to local shell, press' Ctrl+Alt+] '.Last login: Thu Jun 29 16:45:21 2017 from 10.10.10.1

At this point, all configurations have been completed

12) configuration ideas

A. Generate a key pair:

B. transfer the public key to the specified file in the home directory corresponding to the remote server

C. Conduct the test

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.