{"id":316,"date":"2024-11-16T18:34:07","date_gmt":"2024-11-16T10:34:07","guid":{"rendered":"https:\/\/telaker.cn\/?p=316"},"modified":"2024-11-16T18:56:10","modified_gmt":"2024-11-16T10:56:10","slug":"ssh_01","status":"publish","type":"post","link":"https:\/\/telaker.cn\/index.php\/2024\/11\/16\/ssh_01\/","title":{"rendered":"ssh\u516c\u94a5\u767b\u5f55\uff0c\u7981\u6b62\u5bc6\u7801\u767b\u5f55"},"content":{"rendered":"\n
    <\/ol>\n\n\n\n

    \u5236\u4f5c\u5bc6\u94a5\u5bf9<\/strong><\/h2>\n\n\n\n

    \u9996\u5148\u5728\u670d\u52a1\u5668\u4e0a\u5236\u4f5c\u5bc6\u94a5\u5bf9\u3002\u9996\u5148\u7528\u5bc6\u7801\u767b\u5f55\u5230\u4f60\u6253\u7b97\u4f7f\u7528\u5bc6\u94a5\u767b\u5f55\u7684\u8d26\u6237\uff0c\u7136\u540e\u6267\u884c\u4ee5\u4e0b\u547d\u4ee4\uff1a<\/p>\n\n\n\n

    [root@host ~]$ ssh-keygen<\/strong> <== \u5efa\u7acb\u5bc6\u94a5\u5bf9\nGenerating public\/private rsa key pair.\nEnter file in which to save the key (\/root\/.ssh\/id_rsa): <== \u6309 Enter\nCreated directory '\/root\/.ssh'.\nEnter passphrase (empty for no passphrase): <== \u8f93\u5165\u5bc6\u94a5\u9501\u7801\uff0c\u6216\u76f4\u63a5\u6309 Enter \u7559\u7a7a\nEnter same passphrase again: <== \u518d\u8f93\u5165\u4e00\u904d\u5bc6\u94a5\u9501\u7801\nYour identification has been saved in \/root\/.ssh\/id_rsa. <== \u79c1\u94a5\nYour public key has been saved in \/root\/.ssh\/id_rsa.pub. <== \u516c\u94a5\nThe key fingerprint is:\n0f:d3:e7:1a:1c:bd:5c:03:f1:19:f1:22:df:9b:cc:08 root@host<\/code><\/pre>\n\n\n\n
    \u5bc6\u94a5\u9501\u7801\u5728\u4f7f\u7528\u79c1\u94a5\u65f6\u5fc5\u987b\u8f93\u5165\uff0c\u8fd9\u6837\u5c31\u53ef\u4ee5\u4fdd\u62a4\u79c1\u94a5\u4e0d\u88ab\u76d7\u7528\u3002\u5f53\u7136\uff0c\u4e5f\u53ef\u4ee5\u7559\u7a7a\uff0c\u5b9e\u73b0\u65e0\u5bc6\u7801\u767b\u5f55\u3002
    \u73b0\u5728\uff0c\u5728 root \u7528\u6237\u7684\u5bb6\u76ee\u5f55\u4e2d\u751f\u6210\u4e86\u4e00\u4e2a .ssh \u7684\u9690\u85cf\u76ee\u5f55\uff0c\u5185\u542b\u4e24\u4e2a\u5bc6\u94a5\u6587\u4ef6\u3002id_rsa \u4e3a\u79c1\u94a5\uff0cid_rsa.pub \u4e3a\u516c\u94a5\u3002<\/p>\n\n\n\n
    \u5728\u670d\u52a1\u5668\u4e0a\u5b89\u88c5\u516c\u94a5<\/h2>\n\n\n\n
    \u952e\u5165\u4ee5\u4e0b\u547d\u4ee4\uff0c\u5728\u670d\u52a1\u5668\u4e0a\u5b89\u88c5\u516c\u94a5\uff1a<\/p>\n\n\n\n
    [root@host ~]$ cd .ssh\n[root@host .ssh]$ cat id_rsa.pub >> authorized_keys<\/code><\/pre>\n\n\n\n
    \u5982\u6b64\u4fbf\u5b8c\u6210\u4e86\u516c\u94a5\u7684\u5b89\u88c5\u3002\u4e3a\u4e86\u786e\u4fdd\u8fde\u63a5\u6210\u529f\uff0c\u8bf7\u4fdd\u8bc1\u4ee5\u4e0b\u6587\u4ef6\u6743\u9650\u6b63\u786e\uff1a<\/p>\n\n\n\n
    [root@host .ssh]$ chmod 600 authorized_keys\n[root@host .ssh]$ chmod 700 ~\/.ssh<\/code><\/pre>\n\n\n\n
    \u8bbe\u7f6e SSH\uff0c\u914d\u7f6e\u5bc6\u94a5\u767b\u5f55\u529f\u80fd<\/h2>\n\n\n\n
    \u7f16\u8f91 \/etc\/ssh\/sshd_config \u6587\u4ef6\uff0c\u8fdb\u884c\u5982\u4e0b\u8bbe\u7f6e\uff1a<\/p>\n\n\n\n
    RSAAuthentication yes\nPubkeyAuthentication yes\n# \u53e6\u5916\uff0c\u8bf7\u7559\u610f root \u7528\u6237\u80fd\u5426\u901a\u8fc7 SSH \u767b\u5f55\uff1a\nPermitRootLogin yes\n# \u5f53\u4f60\u5b8c\u6210\u5168\u90e8\u8bbe\u7f6e\uff0c\u5e76\u4ee5\u5bc6\u94a5\u65b9\u5f0f\u767b\u5f55\u6210\u529f\u540e\uff0c\u518d\u7981\u7528\u5bc6\u7801\u767b\u5f55\uff1a\nPasswordAuthentication no<\/code><\/pre>\n\n\n\n
    \u6700\u540e\uff0c\u91cd\u542f SSH \u670d\u52a1<\/h2>\n\n\n\n
    sudo systemctl restart sshd\nsudo service sshd restart<\/code><\/pre>\n\n\n\n
    \u53c2\u8003\u6587\u7ae0<\/h2>\n\n\n\n
    \u8bbe\u7f6e SSH \u901a\u8fc7\u5bc6\u94a5\u767b\u5f55<\/a><\/p>\n\n\n\n
    \/etc\/ssh\/sshd_config \u914d\u7f6e\u6587\u4ef6\u4e2d\u7684 PasswordAuthentication & PermitRootLogin \u53c2\u6570\u4f5c\u7528<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
    \u5236\u4f5c\u5bc6\u94a5\u5bf9 \u9996\u5148\u5728\u670d\u52a1\u5668\u4e0a\u5236\u4f5c\u5bc6\u94a5\u5bf9\u3002\u9996\u5148\u7528\u5bc6\u7801\u767b\u5f55\u5230\u4f60\u6253\u7b97\u4f7f\u7528\u5bc6\u94a5\u767b\u5f55\u7684\u8d26\u6237\uff0c\u7136\u540e\u6267\u884c\u4ee5\u4e0b\u547d\u4ee4\uff1a \u5bc6\u94a5\u9501\u7801\u5728 […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[20],"tags":[22],"class_list":["post-316","post","type-post","status-publish","format-standard","hentry","category-linux","tag-ssh"],"_links":{"self":[{"href":"https:\/\/telaker.cn\/index.php\/wp-json\/wp\/v2\/posts\/316","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/telaker.cn\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/telaker.cn\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/telaker.cn\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/telaker.cn\/index.php\/wp-json\/wp\/v2\/comments?post=316"}],"version-history":[{"count":0,"href":"https:\/\/telaker.cn\/index.php\/wp-json\/wp\/v2\/posts\/316\/revisions"}],"wp:attachment":[{"href":"https:\/\/telaker.cn\/index.php\/wp-json\/wp\/v2\/media?parent=316"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/telaker.cn\/index.php\/wp-json\/wp\/v2\/categories?post=316"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/telaker.cn\/index.php\/wp-json\/wp\/v2\/tags?post=316"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}