ssh有两种连接方式

第一种:密码认证连接方式

 

[root@admin ~]# ssh root@192.168.1.25 (服务端的ip回车提示如下)
The authenticity of host '192.168.1.250 (192.168.1.250)' can't be established.
RSA key fingerprint is 75:f9:55:3b:da:0d:38:b2:c6:1b:e9:18:96:97:8a:2e.
Are you sure you want to continue connecting (yes/no)?(这里输入yes保证密钥回车)

Warning: Permanently added '192.168.1.250' (RSA) to the list of known hosts.
root@192.168.1.25's password:(输入密码回车)

第二种:密钥连接方式

 

[root@admin ~]# ssh-keygen(启动密钥连接方式)
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): (保持密钥的地方默认是保

                                                          存在当前用户目录下如需

                                                           修改,输入保持地址)
Enter passphrase (empty for no passphrase): (是否使用密码使用默认回车)
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
e4:4d:4c:b7:e4:ec:07:d5:a7:f0:3c:a0:b0:1f:98:a1 root@admin
The key's randomart p_w_picpath is:
+--[ RSA 2048]----+
|          . o .. |
|        oo =oo  o|
|       ..*o.== ..|
|      Eo+oo. .=  |
|        S.... .. |
|          .  .   |
|                 |
|                 |
|                 |
+-----------------+

密钥生成之后进入.ssh/目录会看到

 

[root@admin ~]# cd .ssh/
[root@admin .ssh]# ls
id_rsa  id_rsa.pub  known_hosts(id_rsa.pub)这个文件就是密钥认证文件

[root@admin .ssh]# ssh-copy-id -i id_rsa.pub root@192.168.1.25(把密钥发送给服务端)
root@192.168.1.25's password:(输入服务端密码)输入回车提示如下就成功了

Now try logging into the machine, with "ssh 'root@192.168.1.25'", and check in:

  .ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

备注:如果系统装或发生其它不能正常连接的情况把.ssh/目录下的文件删除重新配置即可

 

如果想比较安全或控制用户登录进入cd /etc/ssh会看到

[root@admin .ssh]# cd /etc/ssh
[root@admin ssh]# ls
moduli       ssh_host_dsa_key      ssh_host_key.pub
ssh_config   ssh_host_dsa_key.pub  ssh_host_rsa_key
sshd_config  ssh_host_key          ssh_host_rsa_key.pub

ssh_config这个是客户端配置文件不用管,sshd_config这个是服务端配置文件修改这个就行

用vim打开ssh_config

 

SyslogFacility AUTHPRIV
#LogLevel INFO

# Authentication:

#LoginGraceTime 2m
#PermitRootLogin yes(把这个改成no禁止用root登录)
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10

 


# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
PasswordAuthentication yes(打这个改成no不能使用密码验证)