Alan Hou的个人博客

Linux使用SSH证书远程登录

Alan

在root目录下输入ssh-keygen -t rsa -b 4096,然后根据需要输入证书文件保存路径和名称,以下采用默认名称

[root@vultr ~]# ssh-keygen -t rsa -b 4096
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
b4:08:a0:58:8a:23:1a:bb:81:2b:c6:38:3f:16:05:b6 root@vultr.guest
The key's randomart image is:
+--[ RSA 4096]----+
|  o              |
|o+o.             |
|O. o.   .        |
|++E .. o .       |
|=  .  . S        |
|o+.              |
|*o .             |
|ooo              |
| ...             |
+-----------------+

cd到root/.ssh/目录下,执行cp id_rsa.pub authorized_keys,因为openssh缺省的文件名是authorized_keys。

将id_rsa文件下载到本地,以Xshell为例,在新建会话时方法下拉框中选择public_key,用户名输入root,然后点击浏览导入刚刚下载的证书,密码为刚刚设置的paraphrase

退出移动版