首先在服务器上生成密钥


[root@localhost support-files]# ssh-keygen -b 1024 -t rsa 生成密钥

Generating public/private rsa key pair.

Enter file in which to save the key (/root/.ssh/id_rsa): 安装路径 直接回车默认就好

Created directory '/root/.ssh'.

Enter passphrase (empty for no passphrase): 输入密钥的通行短语

Enter same passphrase again: 确认短语

Your identification has been saved in /root/.ssh/id_rsa.

Your public key has been saved in /root/.ssh/id_rsa.pub.

The key fingerprint is:

b7:d1:01:3d:44:bc:9e:29:48:5b:e6:fd:b3:e0:bc:68 root@localhost.localdomain


[root@localhost support-files]# cd /root/.ssh/ 会生成2个 密钥

id_rsa id_rsa.pub


[root@localhost support-files]# vi /root/.ssh/authorized_keys 创建authorized_keys文件


[root@localhost support-files]# chmod 700 /root/.ssh/authorized_keys 赋予权限


[root@localhost support-files]# cat /root/.ssh/id_rsa.pub >>/root/.ssh/authorized_keys 将公钥拷贝到文件里


如果使用CRT进行远程链接将id_rsa 拷贝到windows里


如果使用的是putty 需要转换 具体步骤如下


使用putty key generator转换

151248906.jpg


将id_rsa 放进去 输入刚才生成的短语

151401376.jpg


点击保存

151528685.jpg


保存的文件要为xxx.ppk


[root@localhost ~]# vi /etc/ssh/sshd_config 打开ssh配置文件将以下三行注释


RSAAuthentication yes

PubkeyAuthentication yes

AuthorizedKeysFile .ssh/authorized_keys


PasswordAuthentication yes 改为 no 不允许密码登陆

:winSCP 用的密钥文件也是.ppk


最后重启sshd大功告成