CentOS 默認已安裝SSH ,配置文件 在/etc/ssh/ 目錄 下 有ssh_config 和sshd_config
ssd_config 是客戶端配置文件 sshd_config 是服務端配置文件
一:SSH默認是只有ROOT用戶可以登錄,怎么樣 開啟普通用戶:xiang 可以用SSH登錄了? 同時禁用ROOT登錄?
vi編輯 sshd_config 文件
[root@localhost ~]# vi /etc/ssh/sshd_config
PermitRootLogin no #禁用root用戶登錄
二:構建密鑰對驗證SSH登錄系統
1:客戶機配置(192.168.1.111)
[root@localhost ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): # 直接回車
Created directory ‘/root/.ssh’.
Enter passphrase (empty for no passphrase): # 密碼短信 用於保護私鑰文件
Enter same passphrase again:
Passphrases do not match. Try again.
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
6d:eb:29:87:e2:f9:be:84:9d:a2:c0:51:e9:66:4c:ea root@localhost.localdomain #會生成兩個文件
[root@localhost ~]# ll -h ~/.ssh/
總計 8.0K
-rw——- 1 root root 1.8K 11-21 23:24 id_rsa
-rw-r–r– 1 root root 408 11-21 23:24 id_rsa.pub
id_rsa 是私鑰 id_rsa.pub 是公鑰
上傳公鑰到給服務器
2:服務器配置(192.168.1.114)
[root@localhost ~]# scp root@192.168.1.111:/root/.ssh/id_rsa.pub ./
root@192.168.1.111′s password:
id_rsa.pub 100% 408 0.4KB/s 00:00
[root@localhost ~]#
[root@localhost ~]# cp id_rsa.pub ~xiang005/.ssh/
[root@localhost .ssh]# ll
總用量 4
-rw-r–r– 1 root root 408 11月 22 00:08 id_rsa.pub
[root@localhost .ssh]# cat id_rsa.pub > authorized_keys
[root@localhost .ssh]# vi /etc/ssh/sshd_config
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
PasswordAuthentication no
[root@localhost .ssh]# service sshd restart
停止 sshd:[確定]
正在啟動 sshd:[確定]
3:在客戶機上驗證
[root@localhost .ssh]# ssh xiang005@192.168.1.114
Enter passphrase for key ‘/root/.ssh/id_rsa’:
Last login: Wed Nov 21 23:14:53 2012 from 192.168.1.115
[xiang005@localhost ~]$
成功~~!