SSH配置公钥登陆
充许系统运行SSHD
在/etc/rc.conf
加入
sshd_enable=”YES”
手动运行SSHD
/etc/rc.d/sshd start
生成证书
ssh-keygen -b 4096 -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/home/hzqbbc/.ssh/id_dsa):
Enter file in which to save the key (/home/hzqbbc/.ssh/id_dsa):
在下面的提示输入密码,就算别人拿到了证书也不会这么容易破解
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/hzqbbc/.ssh/id_dsa.
Your public key has been saved in /home/hzqbbc/.ssh/id_dsa.pub.
The key fingerprint is:
aa:0a:3c:be:7f:35:9b:4f:82:bf:1d:ca:0b:dc:bc:cc hzqbbc@p4
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/hzqbbc/.ssh/id_dsa.
Your public key has been saved in /home/hzqbbc/.ssh/id_dsa.pub.
The key fingerprint is:
aa:0a:3c:be:7f:35:9b:4f:82:bf:1d:ca:0b:dc:bc:cc hzqbbc@p4
把公钥放置密码验证文件
cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys
配置sshd_config
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
AuthorizedKeysFile .ssh/authorized_keys
#禁止密码验证登陆
PasswordAuthentication no
# Change to no to disable PAM authentication
ChallengeResponseAuthentication no
ChallengeResponseAuthentication no
服务器端相关配置完成。。
客户端的设置,互联网上太多了,搜索一下就行了。