Note: This article applies to older SSH versions (SSH version 1). For the latest information on SSH key logins, see OpenSSH Public Key Authentication under Ubuntu .
SSH Config for SSH Key customize
On the remote server, the
/ Etc / ssh / sshd_config
to be edited. Change the following values:
current:
RSAAuthentification yes
New:
RSAAuthentification no
current:
#AuthorizedKeysFile% h / .ssh / authorized_keys
New:
AuthorizedKeysFile% h / .ssh / authorized_keys
current:
#IgnoreUserKnowHosts yes ChallengeResponseAuthentication yes PasswordAuthentification yes
New:
IgnoreUserKnowHosts yes ChallengeResponseAuthentication no PasswordAuthentification no
Then, restart the SSH service:
/etc/init.d/ssh restart
Generate a key pair on Linux
ssh-keygen -d
The key pair is now created. Next, you will be prompted for the name of the key and the location.
IMPORTANT: Protect your private key with a password.
You will find it in the home directory of your user
/home/$USERNAME/.ssh
the key pair.
id_dsa id_dsa.pub
The public key is located in the file
id_dsa.pub
The contents of this file are now stored on the remote server at:
/home/$USERNAME/.ssh/authorized_keys
If everything worked out, you should be able to log on to the remote server using the following command:
ssh $ SERVERIP_ODER_HOSTNAME_DES_ENTFERNTEN_SERVERS -i /home/$USERNAME/.ssh/id_dsa
Root direct login (optional)
DANGER:
Please be careful, otherwise you can lock yourself out. If you forbid the direct root login, there must be another user on the system
SSH is the default tool for Linux administrators. To protect the server better, you should ban the direct root login. You can still log on to the server with another user and then use per
su
to the root user.
To do this, we edit / etc / ssh / sshd_config and set
PermitRootLogin yes
on
PermitRootLogin no
0 Comments