Linux SSH Key Permission Settings Guide

小樊
2024-08-07 10:21:24
Category: Intelligent Operations

SSH keys are a secure way of authenticating with a remote server using public-key cryptography. Here is a guide on how to set up and manage SSH keys on a Linux system:

  1. Generate SSH key pair:
  • Open a terminal on your Linux system.
  • Use the ssh-keygen command to generate a new SSH key pair. You can specify a different file name or location by using the -f option.
  • You will be prompted to enter a passphrase to protect your private key.
  2. Copy the public key to the remote server:
  • Use the ssh-copy-id command to copy your public key to the remote server. Make sure you have SSH access to the server using password authentication.
  • Enter your password when prompted.
  3. Set permissions on SSH key files:
  • Set the correct permissions on your SSH key files to ensure they are secure. Use the following commands:
    • chmod 700 ~/.ssh to set the correct permissions on the .ssh directory.
    • chmod 600 ~/.ssh/id_rsa to set the correct permissions on the private key file.
    • chmod 644 ~/.ssh/id_rsa.pub to set the correct permissions on the public key file.
  4. Configure SSH to use the key pair:
  • Open the ~/.ssh/config file in a text editor and add the following lines:
      Host remote_server
          Hostname <remote_server_IP>
          User <remote_username>
          IdentityFile ~/.ssh/id_rsa
  • Replace <remote_server_IP> and <remote_username> with the IP address or hostname of the remote server and your username on the server, respectively.
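  5. Test SSH key authentication:
  • Use the ssh remote_server command to test your SSH key authentication. You should be able to access the remote server without entering the account password; if you set a passphrase in step 1, you may still be asked for it to unlock the private key.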
  6. Manage SSH keys:
  • You can add multiple SSH keys to your SSH agent using the ssh-add command.
  • Use the ssh-keygen -R <hostname> command to remove a host key from the known_hosts file.
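
An added example, not part of the original article: a POSIX shell audit of the modes from step 3. It goes slightly beyond the guide by treating those modes as upper limits (so a 400 private key passes) and by recognising private keys from their header line rather than the id_rsa name; the function names are hypothetical and GNU stat is assumed.

```shell
#!/bin/sh
# Added example: report files under an SSH directory whose permission bits
# exceed the modes from step 3 (700 directory, 600 private key, 644 public key).
# Assumption: GNU stat (stat -c), as found on Linux. Function names are hypothetical.

# excess_bits PATH MAX_MODE -> prints the octal bits set beyond MAX_MODE (0 if none)
excess_bits() {
    mode=$(stat -c '%a' "$1") || return 2
    printf '%o\n' $(( 0$mode & ~0$2 & 0777 ))
}

# is_private_key FILE -> true when the first line is a PEM/OpenSSH private key header
is_private_key() {
    head -n 1 "$1" 2>/dev/null | grep -q -e '-----BEGIN .*PRIVATE KEY-----'
}

# report PATH MAX_MODE -> prints one finding line if PATH is too permissive
report() {
    extra=$(excess_bits "$1" "$2") || return 0
    [ "$extra" = 0 ] || echo "TOO_OPEN $1 max=$2 extra_bits=$extra"
}

# audit_ssh_dir [DIR] -> prints findings; exit status 1 if any were printed
audit_ssh_dir() {
    dir=${1:-$HOME/.ssh}
    findings=$(
        report "$dir" 700
        for f in "$dir"/*; do
            [ -f "$f" ] || continue
            if is_private_key "$f"; then
                report "$f" 600
            else
                case $f in *.pub) report "$f" 644 ;; esac
            fi
        done
    )
    if [ -n "$findings" ]; then
        printf '%s\n' "$findings"
        return 1
    fi
    return 0
}
```

Run audit_ssh_dir with no argument to check ~/.ssh; each TOO_OPEN line names the path, the maximum mode from the guide, and the extra bits to clear with chmod.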

By following these steps, you can set up and manage SSH keys on your Linux system securely. This will improve the security of your SSH connections and make it easier to authenticate with remote servers.