服务器端配置
OS: Debian-6.0.5
复制代码
代码如下:#apt-get install ssh 安装ssh服务
编辑/etc/ssh/sshd_config配置文件
复制代码
代码如下:Port 3322 #修改端口为3322(自定义)
PermitRootLogin no #禁止root用户远程登录
PubkeyAuthertication yes #允许用key登录
PasswordAuthertication no #禁止远程ssh客户端用密码登录
iptables设置 开启3322端口允许访问
复制代码
代码如下:iptables -I INPUT -p tcp --dport 3220 -j ACCEPT
方法一:管理员在服务器端为普通用户生成key
(若无用户,先新建用户。debian用adduser)
如为用户名为fengzhige生成ssh key,
复制代码
代码如下:adduser fengzhige #添加用户
su - fengzhige #用fengzhige用户登录
用ssh-keygen生成key
复制代码
代码如下:ssh-keygen -t rsa #生成RSA类型的key
root@debian-2:~# su - fengzhige
fengzhige@debian-2:~$ pwd
/home/fengzhige
fengzhige@debian-2:~$ ssh-keygen -t rsa
Generating public/private rsa key pair. Enter file in which to save the key (/home/fengzhige/.ssh/id_rsa): fengzhige-key
Enter passphrase (empty for no passphrase):
Enter same passphrase again: Your identification has been saved in fengzhige-key.
Your public key has been saved in fengzhige-key.pub. The key fingerprint is: f1:f5:5c:59:aa:4d:7d:b2:9a:56:c8:bc:50:8b:87:80
fengzhige@debian-2 The key's randomart image is:
+--[ RSA 2048]----+
| .|
| . oo|
| E o o +.+|
| + B O +.|
| S = B * |
| o = |
| = |
| . |
| |
+-----------------+
fengzhige@debian-2:~$
对公钥设置一下
复制代码
代码如下:debian 下的ssh-keygen生成的key会在当前目录下:
(fengzhige-key 私 fengzhige-key.pub 公)
cd /home/fengzhige
cd .ssh #可新建.ssh目录,公钥放在这里
cat id_key.pub >> authorized_keys #改为指定的文件名authorized_keys
把私钥保存到有SecureCRT的客户端上。
连接: