1. 生成复杂root密码
# openssl rand -base64 12
a+uJ29c3ECR0BMAv
2. 生成sshkey
# ssh-keygen -N '' -b 2048 -t rsa -f srv-2-96
srv-2-96 srv-2-96.pub
3. sshkey公匙拷贝到目标服务器
# ssh-copy-id -f -i srv-2-96.pub root@110.10.32.10
4. 目标服务器变更ssh登录配置
# ssh仅允许sshkey登录
vim /etc/ssh/sshd_config
......
Port 29922
RSAAuthentication yes
PubkeyAuthentication yes
ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no
......
# systemctl force-reload sshd && systemctl restart sshd
浙公网安备 33010602011771号