Setting SSH key in centos8

Time:2021-5-8

The two most popular SSH authentication mechanisms are password based authentication and public key based authentication. Using SSH keys is usually more secure and convenient than traditional password authentication.
environment
Client: centos8 192.168.43.137

Server: centos8 192.168.43.139

Create SSH public and private key
Generate a new 4096 bit SSH key pair by entering the following command:

[[email protected] ~]# ssh-keygen -t rsa -b 4096
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:ycOtSDK8ud2kd6EH7OxoQuc1BFb1HJ3T/kvAQJt0LrI [email protected]
The key’s randomart image is:
+—[RSA 4096]—-+
| …oo.o o |
| o .+=.+ .|
| . . . +=. o |
| . o.oo .o .|
| + .oSE. . .|
| .*..=o. ..|
| .oo.+o+ . . .|
| .oo== o . |
| .o+ooo |
+—-[SHA256]—–+
Setting SSH key in centos8 setting SSH key in centos8
To verify whether a new SSH key pair is generated, use the LS – L command to check whether the ~ /. SSH directory has the file generated just now

[[email protected] ~]# ll ~/.ssh/
total 8
-rw——- 1 root root 3389 May 13 08:26 id_rsa
-rw-r–r– 1 root root 752 May 13 08:26 id_rsa.pub
Setting SSH key in centos8 setting SSH key in centos8
Copy the public key to the remote server, and use SSH copy ID Utility to enter the root password of the remote server

[[email protected] ~]# ssh-copy-id [email protected]
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: “/root/.ssh/id_rsa.pub”
The authenticity of host ‘192.168.43.139 (192.168.43.139)’ can’t be established.
ECDSA key fingerprint is SHA256:7O1oIOooh4NZG87aC3v1Zz/vcTXkjOhQBnlkY0CD4y0.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed — if you are prompted now it is to install the new keys
Password:

Number of key(s) added: 1

Now try logging into the machine, with: “ssh ‘[email protected]′”
and check to make sure that only the key(s) you wanted were added.
Setting SSH key in centos8 setting SSH key in centos8
You can also copy the public key using the following command:

[[email protected] .ssh]# cat ~/.ssh/id_rsa.pub | ssh [email protected] “mkdir -p ~/.ssh && chmod 700 ~/.ssh && cat >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys”
Log in to the server with a key
Log in to the ssh server with the following command:

[[email protected] ~]# ssh 192.168.43.139
Last login: Tue May 12 12:33:41 2020 from 192.168.43.137
Setting SSH key in centos8 setting SSH key in centos8

Turn off password authentication
Log in to the server and turn off password authentication

[[email protected] ~]# ssh 192.168.43.139
Last login: Tue May 12 12:33:41 2020 from 192.168.43.137
[[email protected] ~]# vim /etc/ssh/sshd_config
Search for three and change the option to No
PasswordAuthentication no
ChallengeResponseAuthentication no
UsePAM no
Setting SSH key in centos8 setting SSH key in centos8
Restart the sshd service:

[[email protected] ~]# systemctl restart sshd
summary
You can use the same key to manage multiple remote servers. By default, the port of SSH is TCP 22. Changing the default SSH port can reduce the risk of automatic attacks.

Recommended Today

Looking for frustration 1.0

I believe you have a basic understanding of trust in yesterday’s article. Today we will give a complete introduction to trust. Why choose rust It’s a language that gives everyone the ability to build reliable and efficient software. You can’t write unsafe code here (unsafe block is not in the scope of discussion). Most of […]