RSA authentication in Linux login SSH

Method one,

Sometimes you need to log in to ssh, you need to enter a password every time, it will be cumbersome. So set up a way to log in to Linux using RSA public key authentication.

First need to set /etc/ssh/sshd_config

on the server side # vim /etc/ssh/sshd_config

Modify the following two behaviors yes. In fact, in most cases, there is no need to modify it. The default is yes.

RSAAuthentication yes

PubkeyAuthentication yes

(1) If the client and server are both Linux machines, then we use the following method: (mentioned later in Section 2) How to generate a key pair using Putty under Windows)

We need to generate an RSA key pair on the client. Use the ssh-keygen command:

# ssh-keygen -t rsa

The parameter t means type, followed by the encryption type, here we are rsa.

You will then be prompted to enter the key to save the file name. Here we need to use the default id_rsa before we can log in. If the key you generated is used for other purposes, you can name it another name:

Generating public/private rsa key pair.

Enter file in which to save the key (/home/cake /.ssh/id_rsa):

You will be prompted to enter a passphrase, which we can leave blank so that we can't enter the password when we log in.

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

You will then be prompted to generate the key successfully. This is your private key saved as ~/.ssh/id_rsa, your public key is ~/.ssh/id_rsa.pub

What we need to do now is to add the contents of id_rsa.pub The server-side ~/.ssh/autherized_keys file ends.

You can upload this file to the server and use the command:

# cat id_rsa.pub >> ~/.ssh/autherized_keys

Come here finished.

(2) Using Putty to generate a key pair under Windows:

There is a puttygen.exe program in Putty's installation directory. We run this program.

Then click Generate to start generating the key pair. We need to slide the mouse randomly within the specified box as prompted. This is to generate some random data based on the mouse trajectory.

After the build ends, we click Save Private Key to store the private key in a directory. Then assign the entire contents of the top text box and paste it to the end of the autherized_key on the Linux server.

We can now close this little program.

Now open Putty. In the options on the left, select Conneciton– SSH– Auth. In the Private key file for authentication, select the private key path you just saved.

At this point, Putty can also log in without a password.

Method 2

Using a Key Generated by a Linux Host

1. Generating a Key

[[email protected] .ssh]# Ssh-keygen -t rsa

Generating public/private rsa key pair.

Enter file in which to save the key (/root/.ssh/id_rsa):

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /root/.ssh/id_rsa.

Your public key has Been saved in /root/.ssh/id_rsa.pub.

The key fingerprint is:

e4:9a:47:a7:b4:8a:0b:98:07:b8: 70:de:6b:16:2c:[email protected]

2. Rename /root/.ssh/id_rsa.pub to /root/.ssh/authorized_keys

[[email protected] .ssh]#mv /root/.ssh/id_rsa.pub /root/.ssh/authorized_keys

3. Copy the private key id_rsa to the remote client

1) If the remote client is linux, copy to remote client /root/.ssh/

2), putty as remote client

putty does not recognize private keys copied directly from the server, you need to use puttygen.exe for format conversion

(1), open puttygen.exe --> Conversions --> Import Key

(2), select the copied private key file id_rsa

(3), Save private key-> id_rsa.ppk (save private key)

4 Open putty.exe

1), Session --> Host Name (fill in server address or domain name)

2), Connection --> SSH --> Auth (point Browse selects the newly generated id_rsa.ppk)

3), open

The following prompt appears after successful opening:

login as: root

Authenticating with Public key "imported-openssh-key"

---------------------------------- ------------------------------------------------

Of course you may encounter this error [because I have encountered it, huh, huh]:

Permissions 0755 for 'The public key file path you configured' are too open.

This is because of these files Some problems with permission settings

Execute the command: chmod 600 your file