Debian series configuration ssh public key login
This article was last updated 249 days ago. The information in it may have developed or changed. If it is invalid, please leave a message in the comment section.

There are three ways of ssh remote login authentication: Password, Keyboard Interactive and Public Key.

The first two methods are password authentication, but the first method does not require delivery, while the second method requires interaction. The first method is generally used because compared to the second method, the first method can log in with one click as long as the username and password are set in advance in the ssh terminal. The third method of public key authentication is the safest login method because the authentication information does not need to be transmitted on the Internet, and this is also the default method used by cloud servers.

The following are the specific setup steps.

Log in to the target Linux server as the root user and enter the command to generate the public and private keys as follows:

ssh-keygen -t rsa

image.png

Note: Here, the command is used to generate the public and private keys on the target Linux server, but this step does not have to be generated on the target server. You can also generate the public and private keys separately, and then upload the public key to the target server (if there are a large number of servers that need to be uniformly configured with public key login, this method is the most suitable), for example, generate the public and private keys in the client system, and then use the command:

ssh-copy-id username@ip_address

Upload the public key to the authorized_keys file of the target host of the target server. Of course, you can also use a third-party tool to generate public and private keys. You can choose the method that suits you.

File permission settings:

cd /root/.ssh ls

You can see the RSA public key and private key that have been generated:

image.png

Set permissions for the key folder and the corresponding public and private key files respectively:

chmod 700 /root/.ssh/ chmod 600 ~/.ssh/id_rsa chmod 644 ~/.ssh/id_rsa.pub

Add the public key to the ~/.ssh/authorized_keys file:

cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys

Modify the configuration file of the sshd service to enable public key authentication:

vim /etc/ssh/sshd_config -------------------------- PubkeyAuthentication yes //Remove # and change it to yes. In fact, if it has not been modified, this is the system default configuration

If you need to configure the root user's ssh public key login, you also need to do the following configuration:

vim /etc/ssh/ssh_config ---------------------------- #PermitRootLogin prohibit-password //Remove #

After modifying the configuration file, remember to restart the ssh service:

systemctl restart ssh

Finally, download the private key file ~/.ssh/id_rsa and import it into the corresponding ssh client that needs to log in to the target Linux server (or the /.ssh folder in the user's home directory).

Note: In essence, each ssh client uploads its own RSA public key to the authorized_keys file (white list) of the target Linux server, and then when logging in, the target Linux server uses the public key in the white list to verify the identity of each ssh client.

The content of the blog is original. Please indicate the source when reprinting! For more blog articles, you can go toSitemapUnderstand. The RSS address of the blog is:https://blog.tangwudi.com/feed, welcome to subscribe; if necessary, you can joinTelegram GroupDiscuss the problem together.
No Comments

Send Comment Edit Comment


				
|´・ω・)ノ
ヾ(≧∇≦*)ゝ
(☆ω☆)
(╯‵□′)╯︵┴─┴
 ̄﹃ ̄
(/ω\)
∠(ᐛ 」∠)_
(๑•̀ㅁ•́ฅ)
→_→
୧(๑•̀⌄•́๑)૭
٩(ˊᗜˋ*)و
(ノ°ο°)ノ
(´இ皿இ`)
⌇●﹏●⌇
(ฅ´ω`ฅ)
(╯°A°)╯︵○○○
φ( ̄∇ ̄o)
ヾ(´・ ・`。)ノ"
( ง ᵒ̌ᵒ̌)ง⁼³₌₃
(ó﹏ò。)
Σ(っ°Д °;)っ
( ,,´・ω・)ノ"(´っω・`。)
╮(╯▽╰)╭
o(*////▽////*)q
>﹏<
( ๑´•ω•) "(ㆆᴗㆆ)
😂
😀
😅
😊
🙂
🙃
😌
😍
😘
😜
😝
😏
😒
🙄
😳
😡
😔
😫
😱
😭
💩
👻
🙌
🖕
👍
👫
👬
👭
🌚
🌝
🙈
💊
😶
🙏
🍦
🍉
😣
Source: github.com/k4yt3x/flowerhd
Emoticons
Emoji
Little Dinosaur
flower!
Previous
Next
       

This site has disabled the right mouse button and various shortcut keys. The code block content can be copied directly by clicking the copy button in the upper right corner

en_US