切换到用户home目录,比如当前用户目录
cd ~/.ssh/
生成pem格式的秘钥
ssh-keygen -m PEM -t rsa
提示输入秘钥密码,如果不需要密码可以自己回车,默认空密码
建议加上密码,这样别人获取了这个私钥文件没有密码也无法使用
提示生成私钥文件id_rsa和公钥文件id_rsa.pub
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
写入公钥到authorized_keys
cat id_rsa.pub >> authorized_keys
设置秘钥文件和目录权限
chmod 600 authorized_keys
chmod 700 ./
配置sshd,打开秘钥登录选项
vim /etc/ssh/sshd_config
RSAAuthentication yes
PubkeyAuthentication yes
重启sshd服务
systemctl restart sshd
下载私钥文件id_rsa,这个私钥文件可用于ssh客户端连接,配置好ssh客户端完成联通测试。测试通过,配置sshd,禁用密码登录选项
vim /etc/ssh/sshd_config
PasswordAuthentication no
重启sshd服务
systemctl restart sshd