每次都教一遍,记录一下,下次直接甩链接吧。

#生成密钥对

1
2
3
4
5
6
7
8
9
10
11
12
$ ssh-keygen -t rsa -m PEM
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
# 回车
Enter passphrase (empty for no passphrase):
# 回车
Enter same passphrase again:
# 回车
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
...

#拷贝生效

1
2
3
4
5
6
7
8
$ cd .ssh/
$ ls
authorized_keys  id_rsa  id_rsa.pub
$ cp id_rsa.pub authorized_keys
cp: overwrite ‘authorized_keys’? y
# 覆盖之前确认一下确实是可以覆盖的
# 当然如果不能覆盖那就追加
$ cat id_rsa.pub >> authorized_keys

#保存私钥

1
2
3
4
$ cat id_rsa
-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY-----

打开记事本,随便命名一个空后缀文件:比如我命名为:node,把从-----BEGIN RSA PRIVATE KEY----------END RSA PRIVATE KEY-----粘贴进去,保存。

#修改私钥权限

LinuxMacOS就很简单了:

1
chmod 600 node

Windows比较麻烦,参照这篇:Linux 追加日志测试

#修改 sshd_config

1
vi /etc/ssh/sshd_config

找到如下一行:

1
2
3
# PubkeyAuthentication yes
# 把"#"去掉
PubkeyAuthentication yes

保存。

1
service sshd restart
1
2
3
4
$ ssh root@node.onns.xyz -i node
Last login: Mon Sep  7 13:27:19 2020 from 120.35.73.25

Welcome to Alibaba Cloud Elastic Compute Service !