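How do I connect to freeSSHd with a key?
Connecting over SSH with a key
The sshd service provides two methods of authentication:
Password-based authentication: log in to the remote host once the account name and password have been verified.
Key-based authentication: generate a "key pair" on the local host and transfer the public key to the server, which then compares public keys.
Password authentication always carries the risk of brute-force attacks or of being sniffed on the wire. The ssh service can instead authenticate by key (no password required). The steps are as follows:
1. Generate a key pair on the local host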
[root@wluat ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): # press Enter, or set the path where the key is stored
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): # press Enter, or set a passphrase for the key
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
92:9e:ae:cd:eb:40:a8:7c:ad:ac:af:89:c2:ce:16:fa root@wluat
The key's randomart image is:
+--[ RSA 2048]----+
. .
. . o S
.o ... o
+.....o
=o+ .=
=BE+.o*.
+-----------------+
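Note: so that ssh connections do not prompt for a password, no passphrase was set here; Enter was pressed at the prompt. The private key is then stored unencrypted, so anyone who can read /root/.ssh/id_rsa can use it to log in.
2. Transfer the generated public key to the remote host: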
ssh-copy-id -i ~/.ssh/id_rsa.pub user@hostname
[root@wluat ~]# ssh-copy-id 192.168.0.80
The authenticity of host '192.168.0.80 (192.168.0.80)' can't be established.
RSA key fingerprint is af:b9:dc:e7:7d:45:d7:e0:ae:24:0f:b1:a3:1f:94:48.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.0.80' (RSA) to the list of known hosts.
root@192.168.0.80's password:
Now try logging into the machine, with "ssh '192.168.0.80'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
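Note: this is equivalent to creating the ~/.ssh directory on the server and writing the public key into the remote host's "~/.ssh/authorized_keys" file. The file permissions are as follows: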
[root@wls12c ~]$ ll .ssh
總用量 8
-rw------- 1 root root 392 8月 17 14:15 authorized_keys
-rw-r--r-- 1 root root 1586 8月 17 12:01 known_hosts
[root@wls12c ~]$ ll .ssh/authorized_keys
-rw------- 1 root root 392 8月 17 14:15 .ssh/authorized_keys
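If the key is transferred to an ordinary (non-root) user on the remote host, the permissions of authorized_keys are not 600 and must be changed by hand; otherwise the following error is reported: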
[root@wluat ~]# ssh weblogic@192.168.0.80
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
Alternatively, copy the public key into the authorized keys file by hand:
cat ~/.ssh/id_rsa.pub | ssh user@server "cat - >> ~/.ssh/authorized_keys"
3. Test the connection to the remote host
ssh -i ~/.ssh/id_rsa user@hostname
[root@wluat ~]# ssh 192.168.0.80
Last login: Wed Aug 17 14:21:51 2016 from 192.168.0.150
[root@wls12c ~]$
Login now works without password authentication.
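The manual copy in step 2 can leave ~/.ssh or authorized_keys with permissions that sshd rejects, which produces the "Permission denied (publickey,...)" error shown above. The following is an added example, not part of the original page: a server-side helper that appends a public key only once and sets the 700/600 modes. The function names install_pubkey and perm_of are hypothetical, and it assumes sshd runs with its default StrictModes setting.

```shell
#!/bin/sh
# Added example (not from the original page): install a public key into
# authorized_keys idempotently and set the modes sshd's StrictModes accepts.
# Usage, on the server as the target user (path is a placeholder):
#   install_pubkey "$HOME" /tmp/id_rsa.pub

# perm_of PATH: print the octal mode (GNU stat first, BSD stat as fallback).
perm_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# install_pubkey HOME_DIR PUBKEY_FILE
# Returns 0 on success, 1 on bad input or failure.
install_pubkey() {
    home_dir=$1
    pubkey_file=$2
    ssh_dir="$home_dir/.ssh"
    auth="$ssh_dir/authorized_keys"

    [ -d "$home_dir" ] && [ -r "$pubkey_file" ] || return 1

    # Use the first line only and refuse anything that is not a public key
    # line, so a private key file passed by mistake is never appended.
    key=$(head -n 1 "$pubkey_file")
    case "$key" in
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
        *) return 1 ;;
    esac

    # 700 on the directory, 600 on the file, regardless of the umask.
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1

    # Append only if this exact line is not already present.
    grep -qxF -- "$key" "$auth" || printf '%s\n' "$key" >> "$auth"

    # StrictModes also rejects a group- or world-writable home directory.
    chmod go-w "$home_dir"
}
```

Run it as the account that will log in, so the files are owned by that user; sshd checks ownership as well as mode.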