说明:阿里云ECS购买时选择使用密钥对登录,因此不能使用账号密码登录,在新分配的用户也必须使用密钥对登录,因此创建新的用户guest01并创建相应的密钥对文件,远程通过xshell来登录
1.新增一个用户组Guest
$ groupadd Guest
2.在用户组Guest中创建一个用户guest并指定用户的目录为/home/guest/guest01
$ mkdir -p /home/guest
$ useradd guest01 -g Guest -d /home/guest/guest01
3.切换到guest用户并进入用户目录
$ su guest01
$ cd ~/
4.使用如下命令创建密钥对文件,一路回车,无需输入
$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/guest/guest01/.ssh/id_rsa):
Created directory '/home/guest/guest01/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/guest/guest01/.ssh/id_rsa.
Your public key has been saved in /home/guest/guest01/.ssh/id_rsa.pub.
The key fingerprint is:
6e:11:3e:55:66:4e:b6:72:4b:6f:ee:95:a6:a3:85:9d guest@aikafka
The key's randomart image is:
+--[ RSA 2048]----+
| * |
| B . |
| . o = |
| . o + o |
| S . o |
| . o oo. .|
| o . E.o.|
| . .oo. |
| ...o |
+-----------------+
5.将公钥文件重命名为authorized_keys
$ mv id_rsa.pub authorized_keys
6.便于区分,也将私钥文件重命名
$ mv id_rsa id_rsa_guest01.pem
7.将目录.ssh权限设置为700,公钥文件authorized_keys设置为644
$ chmod 700 ../.ssh/
$ chmod 644 authorized_keys
8.由于此时guest的私钥文件还在服务器,远程还不能登录,因此切换回root用户将私钥文件下载到远程本地
9.使用xshell配置连接
连接>名称:guest01
连接>主机:47.96.28.236
连接>端口:22
用户身份验证>方法:Public Key
用户身份验证>用户名:guest01
用户身份验证>用户密钥>浏览>刚刚下载的id_rsa_guest01.pem>打开>选中刚刚导入的名为id_rsa_guest001的密钥>确定>确定
….
成功登陆
Connecting to 47.96.28.236:22...
Connection established.
To escape to local shell, press 'Ctrl+Alt+]'.
Last login: Sat Nov 11 18:15:36 2017
Welcome to Alibaba Cloud Elastic Compute Service !
[guest01@aikafka ~]$