Chinaunix首页 | 论坛 | 博客
  • 博客访问: 1880776
  • 博文数量: 333
  • 博客积分: 10791
  • 博客等级: 上将
  • 技术积分: 4314
  • 用 户 组: 普通用户
  • 注册时间: 2007-08-08 07:39
文章分类

全部博文(333)

文章存档

2015年(1)

2011年(116)

2010年(187)

2009年(25)

2008年(3)

2007年(1)

分类: LINUX

2011-03-24 18:53:01

一、通过 ssh-keygen命令创建认证文件

# ssh-keygen -b 1024 -t dsa



Generating public/private dsa key pair.

Enter file in which to save the key (/root/.ssh/id_dsa): 

Enter passphrase (empty for no passphrase): 

Enter same passphrase again: 

Your identification has been saved in /root/.ssh/id_dsa.

Your public key has been saved in /root/.ssh/id_dsa.pub.

The key fingerprint is:

...............................

The key's randomart image is:

.............................

如果没有更改路径的话,会在/.ssh/目录下产生:id_dsa和id_dsa.pub两个文件。其中id_dsa是要加载到ssh客户端的,id_dsa.pub是服务器端的匹配文件。

二、使用ssh-copy-id命令将生成服务器端认证文件加载到对应服务器

# ssh-copy-id -i <认证文件保存的目录>/id_dsa.pub @


The authenticity of host '192.168.1.202 (192.168.1.202)' can't be established.
RSA key fingerprint is 46:8f:d3:43:db:52:b1:c2:16:99:cd:03:9b:3f:0c:e8.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '
192.168.1.202' (RSA) to the list of known hosts.
@'
s password: <服务器口令>
Now try logging into the machine, with "ssh '@'", and check in:

  .ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.


三、修改服务器的ssh配置文件

RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys


四、将id_dsa加载到客户端
ssh客户端很多,这里只介绍Xshell(免费的为啥不用啊,\(^o^)/~)
properties -> Authentication -> method改成“Public key”,在Userkey中载入对应的认证文件

ok啦~不必再用用户名、口令登录了,方便了不少,安全了不少~

阅读(22211) | 评论(0) | 转发(1) |
给主人留下些什么吧!~~