CentOS7 啓用密鑰登錄

本教程以root用戶演示
1.進入該用戶根目錄

cd ~

2.創建密鑰

[root@slave1 ~]# ssh-keygen 
Generating public/private rsa key pair.
#該命令提示的意思是：讓我們定義私鑰的存放路徑，默認存在的路徑是在/root/.ssh/id_rsa的下面
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
#該命令提示的意思是：定義私鑰的密碼，一般爲了免密默認的留空，直接的回車
Enter passphrase (empty for no passphrase): 
該命令提示的意思是：確認密碼設置
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:QuZWoxNQTWlFd5/wHmGiO/aQJH97sExwWO8gOzT38WI root@slave1
The key's randomart image is:
+---[RSA 2048]----+
|    ...o.+o .+.o |
|     .  +  .+.*.o|
|      +.o. O + *.|
|     + + .= X = +|
|      * S  X +E+.|
|     . o  . O.+. |
|             = . |
|              .  |
|                 |
+----[SHA256]-----+
[root@slave1 ~]# 

3.SSDH默認公鑰文件爲authorized_keys，可在配置中修改，此處使用默認配置。 創建authorized_keys，將公鑰寫入該文件並且授權。

[swack@localhost ~]$ touch .ssh/authorized_keys
[swack@localhost ~]$ cat /home/swack/.ssh/id_rsa.pub >> /home/swack/.ssh/authorized_keys

4.修改SSHD配置

vim /etc/ssh/sshd_config

修改以下參數

禁止密碼登錄
PasswordAuthentication no
啓用密鑰登錄
PubkeyAuthentication yes

5.重啓SSHD

systemctl reload sshd