一般建议不使用密码,而是使用RSA 证书进行登录,并且 RSA证书本身再加密
将有权限登入的公钥添加到 authorized_keys
[saops@check-list ~]$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/saops/.ssh/id_rsa):
Created directory '/home/saops/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/saops/.ssh/id_rsa.
Your public key has been saved in /home/saops/.ssh/id_rsa.pub.
The key fingerprint is:
3f:05:e8:af:c8:f3:42:3b:0b:d5:c6:63:75:a9:9c:6d saops@check-list
The key's randomart image is:
+--[ RSA 2048]----+
| |
| . . |
| . o o |
| + o * |
| . S + E |
| ..o + o |
| .. . + |
| o=. . . |
| +*o |
+-----------------+
[saops@check-list ~]$
[saops@check-list ~]$ cd .ssh/
[saops@check-list .ssh]$ ls
id_rsa id_rsa.pub
[saops@check-list .ssh]$ vim authorized_keys
[saops@check-list .ssh]$ ll authorized_keys
-rw-rw-r--. 1 saops saops 1209 Mar 29 17:11 authorized_keys
[saops@check-list .ssh]$ chmod 600 authorized_keys
[saops@check-list .ssh]$ ll
total 12
-rw-------. 1 saops saops 1209 Mar 29 17:11 authorized_keys
-rw-------. 1 saops saops 1675 Mar 29 17:07 id_rsa
-rw-r--r--. 1 saops saops 395 Mar 29 17:07 id_rsa.pub
[saops@check-list .ssh]$
可以调整部分参数使系统有较好的表现,或放开某些因为安全考虑而显得过于保守的设置,还有一些是基于特定应用场景的定向调优
本文系转载,前往查看
如有侵权,请联系 cloudcommunity@tencent.com 删除。
本文系转载,前往查看
如有侵权,请联系 cloudcommunity@tencent.com 删除。