关于AS5 SSH支持key认证的完全解决方案
|
(2)服务器端 为了server安全性考虑,禁止空密码与密码登录系统。 需修改/etc/ssh/sshd.conf #PermitEmptyPasswords no 修改为 PermitEmptyPasswords no PasswordAuthentication yes ========= PasswordAuthentication no [root@viong .ssh]# service sshd restart 需要重启ssh才能使配置生效 Stopping sshd: [ OK ] Starting sshd: [ OK ] [root@viong ~]# ssh localhost The authenticity of host 'localhost (127.0.0.1)' can't be established. RSA key fingerprint is 05:de:f8:d8:7b:db:36:0a:1e:01:cc:06:64:0e:7e:0a. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'localhost' (RSA) to the list of known hosts. root@localhost's password: 输入系统密码 Last login: Tue Feb 23 00:32:06 2010 from 192.168.15.253 [root@viong ~]# cd ~/.ssh 利用RZ小工具上传刚刚客户端生成的Identity.pub到~/.ssh目录下 关于RZ 与SZ的安装请看http://viong.blog.51cto.com/844766/260081 [root@viong .ssh]#rz 上传Identity.pub [root@viong .ssh]# cat Identity.pub >>authorized_keys 把公钥的内容输出到authorized_keys [root@viong .ssh]# rm -rf Identity.pub 删除公钥 [root@viong .ssh]# chmod 400 authorized_keys 设置authorized_keys的权限为400 [root@viong .ssh]# ll total 12 -r-------- 1 root root 608 Feb 23 02:38 authorized_keys -rw-r--r-- 1 root root 391 Feb 23 02:34 known_hosts 重新连接服务器,提示密钥输入密码,说明设置成功了. ====================================================================== 客户端与服务器端都是linux系统基于RSA认证无私钥保护密码情况下 Client:192.168.15.50 server:192.168.15.64 Clinet: [root@client .ssh]# pwd /root/.ssh 如没这个目录,可以手动添加 [root@client .ssh]# ssh-keygen –t rsa Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): 直接回车 Enter passphrase (empty for no passphrase): 直接回车 Enter same passphrase again: 直接回车 Your identification has been saved in viong. Your public key has been saved inid_rsa .pub. The key fingerprint is: f9:14:16:7f:a8:68:f2:90:46:2e:28:b8:45:cc:aa:e9 root@client [root@client .ssh]# ll total 8 -rw------- 1 root root 1675 Feb 23 22:21 id_rsa -rw-r--r-- 1 root root 393 Feb 23 22:21 id_rsa .pub [root@client .ssh]# ssh-copy-id -i /root/.ssh/id_rsa .pub root@192.168.15.64 URL:http://www.bianceng.cn/OS/Linux/201410/45756.htm (编辑:源码网) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |
