Server: Ali Cloud Server
Operating System: CentOS 7 (Linux)
Remote client: Xshell5 (SSH certificate)
Logged in user: root
Create public and private keys on the server side
Log in to the system using the root user and be in the default directory for the current root user.
[root@iZ28snxdn5mZ ~]# who root pts/0 2017-12-03 14:06 (123.114.108.80) [root@iZ28snxdn5mZ ~]# pwd /root [root@iZ28snxdn5mZ ~]#
Execute the ssh-keygen-t RSA command to create a public key private key file.
[root@iZ28snxdn5mZ ~]# ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): /root/.ssh/root_rsa Created directory '/root/.ssh'. Enter passphrase (empty for no passphrase): #Set Password# Enter same passphrase again: #Set Password# [root@iZ28snxdn5mZ ~]# ll .ssh total 2 -rw------- 1 root root 1766 Dec 3 16:23 root_rsa -rw-r--r-- 1 root root 399 Dec 3 16:23 root_rsa.pub [root@iZ28snxdn5mZ ~]#
Enter the directory where the.ssh key is located
[root@iZ28snxdn5mZ ~]# cd .ssh [root@iZ28snxdn5mZ .ssh]# pwd /root/.ssh
Import the public key into the current user login script
[root@iZ28snxdn5mZ .ssh]# cat ./root_rsa.pub >> ./authorized_keys [root@iZ28snxdn5mZ .ssh]# ll total 12 -rw-r--r-- 1 root root 399 Dec 3 16:28 authorized_keys -rw------- 1 root root 1766 Dec 3 16:23 root_rsa -rw-r--r-- 1 root root 399 Dec 3 16:23 root_rsa.pub
Set user login key and login script permissions
[root@iZ28snxdn5mZ ~]# pwd /root [root@iZ28snxdn5mZ ~]# chown -R 700 .ssh [root@iZ28snxdn5mZ .ssh]# chown -R 644 .ssh/authorized_keys
Modify ssh profile properties
[root@iZ28snxdn5mZ etc]# vi /etc/ssh/sshd_config
Adjust the following property parameters
StrictModes no
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
Restart ssh service
[root@iZ28snxdn5mZ .ssh]# systemctl restart sshd.serviceXshell5 Client Connects to Server via Certificate
Create a connection session to fill in host connection information.
Download the generated key file from the server and import it into the client connection.
