一。更新服务器 yum -y update
二。建立密钥对(密码可空)
[root@VM_14_49_centos ~]#ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: f8:22:a6:0a:ef:62:59:ef:84:49:1a:c7:6d:47:6c:79 root@VM_14_49_centos
三。查看秘钥对
[root@VM_14_49_centos ~]# cd .ssh/ [root@VM_14_49_centos .ssh]# ls authorized_keys id_rsa id_rsa.pub [root@VM_14_49_centos .ssh]# cat id_rsa.pub >> authorized_keys //注册公钥 [root@VM_14_49_centos .ssh]# chmod 700 ~/.ssh //修改文件夹权限,不修改可能会出现权限不够登录不进来 [root@VM_14_49_centos .ssh]# chmod 600 authorized_keys //修改文件权限,不修可能会出现权限不够登录不进来 [root@VM_14_49_centos .ssh]#
1. authorized_keys :在这里注册公钥
2. id_rsa :这是私钥, 用来在外部登录服务器(自已保管好)
3. id_rsa.pub :这是公钥,复制进 authorized_keys 注册
四。打开秘钥登录
[root@VM_14_49_centos ~]# vim /etc/ssh/sshd_config
修改:
RSAAuthentication yes PubkeyAuthentication yes //打开秘钥登录
PermitEmptyPasswords no //root禁止SSH登录(确保有root权限的账户)
PasswordAuthentication no //禁用密码登录(要先确保密钥能登录)
五。重启ssh服务
[root@VM_14_49_centos ~]# service sshd restart
Stopping sshd: [ OK ]
Starting sshd: [ OK ]
[root@VM_14_49_centos ~]#