The east wind doesn't come
The catkins don't fly in March
Current location: Literal coffee > Programming learning > Site building notes > text

VPS logs in using the SSH key Basic skills necessary for building a station

2019-04-12 Classification: Site building notes / Programming learning Reading (3582) Comments (1)

I wrote an article about Playing firewall is enough. It's not that difficult This article mainly tells some children's shoes that the reasonable use of firewalls can play a defensive role!

This article mainly talks about VPS login using SSH keys. Usually, after VPS or the server is enabled, it directly provides IP, port and root passwords. This login method is password login. If you do not install software like DenyHosts to prevent SSH password cracking, the login password can be easily cracked by force!

The SSH key login uses an asymmetric encryption algorithm to verify the login. To put it simply, first create a pair of keys, one of which is the private key stored in the local device, and the other is the public key, which is sent to your VPS. The reason why it is called a key pair is that messages encrypted with the public key can only be decrypted with the corresponding private key. So when connecting to the SSH server, the client software will send a request to the server to use the client's key for security verification. After receiving the request, the server first looks for the shared key in the user's root directory, and then compares it with the sent public key. If the two keys are consistent, the server encrypts the "challenge" with the public key and sends it to the client software (putty, xshell, etc.). After the client receives the challenge, it can decrypt it with the local private key and then send it to the server, which is quite secure.

1. Generate key pair

 ssh-keygen -t rsa Enter file in which to save the key (/root/. ssh/id_rsa) Enter passphrase (empty for no passphrase): enter the password (if left blank, enter directly) Enter same password again:

At this time, two files are generated in the/root/. ssh/directory, id_rsa is the private key, and id_rsa.pub is the public key. The private key is downloaded to the local computer for safekeeping (you can't log in again if you lose the server). For security, it is recommended to delete the private key on the server side.

2. Import KEY file

 cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys

3. Modify the SSH configuration file/etc/ssh/sshd_config

 RSAAuthentication yes PubkeyAuthentication yes AuthorizedKeysFile .ssh/authorized_keys PasswordAuthentication no

4. Restart the SSH service

After completing the modification of the above configuration file, restart the SSH service, log in using SSH KEY, and restart the SSH service as follows:

 #CentOS system service sshd restart #Debian/Ubuntu system service ssh restart

After restarting, you can no longer log in with the account password. Interested students can try again, and the login failure will be displayed!

5. Log in using SSH KEY through Xshell

The method of use is simple. The IP port number remains unchanged. The places you need to change are shown in the following figure:

be careful:
1. The "user key" indicated by the arrow in the picture is the id_rsa private key file downloaded from the server in the step of "generating key pair", which is why you can keep the private key properly!
2. The "Password" indicated by the arrow in the picture is the password entered in the step of "Generate Key Pair"!

AD: [Theme recommendation] DUX self use optimization version, without any restrictions and backdoors, is an almost perfect theme!
Like( five ) Reward
Copyright notice: This article is authorized by the Knowledge Sharing Attribution 4.0 International License Agreement [BY-NC-SA]
Article name: VPS Login with SSH Key
Article link: https://www.wenzika.com/1594.html
The resources of this website are only for personal learning and exchange. Please delete them within 24 hours after downloading, and they are not allowed to be used for commercial purposes, otherwise the legal issues will be borne by yourself.
label:
Wonder Zhou

Wonder Zhou

A sleepworm who likes tossing and doing things!

Related recommendations

comment one

cancel

  • Nickname (required)
  • Email (required)
  • website
  1. #0

    There is no password entered in the generated key. You can't log in to XSHELL

    five million seven hundred and ninety-five thousand five hundred and sixteen Four years ago (2020-11-20) Singapore Google Browser Windows 10 reply

Literal Cafe QQ Communication Group

Literal coffee communication group: Literal Coffee Communication Group

Welcome to the QQ group of Literal Cafe! WordPress exchange, study and discuss, and grow together!

If you need the help of the blogger to find a friend of the software, you can add a QQ group and then send a private message to the blogger Reader Wall Leave a message~~~

Strongly recommended

The optimized version for DUX's own use is almost the perfect happy version

The self use optimized version of DUX has no restrictions and no back door, and has added more than 50 personalized functions on the basis of the original theme. It is a near perfect theme that can be used with confidence

Hot tags

Station construction (62) WordPress (53) Love tossing (44) Tools (18) Miscellaneous (14) Mood (12) Happy (10) DUX modification (9) Theme (9) Network welfare (8) Feeling (8) Fundamentals of Programming (6) Linux (6) Notes (5) Java (5) Active (4) VPS (3) English (3) Missing (3) SQL (2) Extract (2) Sad (2) Cracking software (2) Composition (2) Movie sharing (2) js (1) Website acceleration (1) Windows software (1) XIU Theme (1) Lossless Music (1)

Popular articles

Reward the author of the article if you think it is useful

Thank you very much for your reward, we will continue to give more high-quality content, let's create a better online world together!

Scan Alipay and reward

Scan WeChat and reward