linux 配置密钥登陆
1.服务器 root 下执行
ssh-keygen -t rsa -b 4096
一路回车
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
af:df:93:42:57:39:64:72:58:d5:8e:9a:da:89:cb:f8 root@localhost.localdomain
The key's randomart image is:
+--[ RSA 4096]----+
| o..o|
| o + .|
| = + |
| = .|
| S + . |
| .. + |
| ..= o |
| ++.= |
| ooEo.. |
+-----------------+
会在/root/.ssh/下生成id_rsa,id_rsa.pub
id_rsa 生成的是私钥
id_rsa.pub 生成的是公钥
2.将公钥信息写入到ssh认证文件里
cd /root/.ssh
cat id_rsa.pub >authorized_keys
权限要注意:否则会提示用户秘钥未在主机注册
chmod 755 /home/ubuntu/
chmod 700 /home/ubuntu/.ssh
chmod 600 /home/ubuntu/.ssh/authorized_keys
3.下载私钥到本地
4.修改sshd_config ,禁止密码认证登陆
修改 PasswordAuthentication为no 默认是yes
PasswordAuthentication no
5.重启 sshd服务