How to implement more secure SSH login on CentOS server using key authentication-Linux Operation and Maintenance-php.cn

Home

Operation and Maintenance

Linux Operation and Maintenance

How to implement more secure SSH login on CentOS server using key authentication

王林

Jul 05, 2023 pm 06:15 PM

sshcentos serverKey authentication

How to use key authentication to achieve more secure SSH login on CentOS server

In server management, ensuring system security is crucial. SSH (Secure Shell) is an encrypted network protocol used for remote login to Linux and UNIX servers. To further strengthen the security of the server, we can use key authentication instead of password login. This article will introduce how to implement a more secure SSH login on a CentOS server and provide corresponding code examples.

Step 1: Generate a key pair

First, generate a key pair on the local machine. Open a terminal window and enter the following command:

ssh-keygen -t rsa

This command will use the RSA algorithm to generate a key pair. Press Enter to confirm the key saving path and file name. You will then be asked to enter the password for your key. You can choose to set a password or leave it blank and press Enter to continue generating the key.

After successful generation, you will find two files under the specified path: id_rsa (private key) and id_rsa.pub (public key).

Step 2: Copy the public key to the server

Next, copy the public key to the CentOS server. Copy the public key to the server using the following command:

ssh-copy-id user@server_ip_address

Replace "user" with your username on the CentOS server and "server_ip_address" with the server's IP address. You will be asked to enter your password to authenticate.

After successfully copying the public key, you will get the following output:

Number of key(s) added: 1

Step 3: Configure SSH service

On the server, open the SSH configuration file to set it up. Open the file with the following command:

sudo vi /etc/ssh/sshd_config

Locate and ensure that the following lines are uncommented and set the values as follows:

PubkeyAuthentication yes
PasswordAuthentication no
PermitRootLogin no

Uncommenting means allow public key authentication, disable password authentication, and prohibit Log in directly as root user. After making changes, save and close the file.

Next, restart the SSH service to apply the changes:

sudo systemctl restart sshd

Step 4: Test SSH login

Now, you have completed the configuration. You can test whether the SSH login is successful using the following command:

ssh user@server_ip_address

Replace "user" with your username and "server_ip_address" with the server's IP address. The system will attempt to authenticate using your private key.

If everything is set up correctly, you will successfully log in to your CentOS server without entering a password.

Extra Tip:

To further enhance server security, you can use Passphrase to protect the private key. In this way, even if the private key is stolen, the authentication cannot be passed.
Make sure the permissions of the private key file are set to 600, that is, only the owner can read and write.
Use different key pairs to authenticate multiple users.
Replace the key pair regularly to increase security.

Summary:

Using key authentication can greatly improve the security of the server and prevent malicious logins and password brute force cracking. This article describes how to implement a more secure SSH login on a CentOS server and provides corresponding code examples. By following these steps, you can easily set up key authentication for your server and keep your system secure.

The above is the detailed content of How to implement more secure SSH login on CentOS server using key authentication. For more information, please follow other related articles on the PHP Chinese website!

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

The 5 Core Components of the Linux Operating SystemMay 08, 2025 am 12:08 AM

The five core components of the Linux operating system are: 1. Kernel, 2. System libraries, 3. System tools, 4. System services, 5. File system. These components work together to ensure the stable and efficient operation of the system, and together form a powerful and flexible operating system.

The 5 Essential Elements of Linux: ExplainedMay 07, 2025 am 12:14 AM

The five core elements of Linux are: 1. Kernel, 2. Command line interface, 3. File system, 4. Package management, 5. Community and open source. Together, these elements define the nature and functionality of Linux.

Linux Operations: Security and User ManagementMay 06, 2025 am 12:04 AM

Linux user management and security can be achieved through the following steps: 1. Create users and groups, using commands such as sudouseradd-m-gdevelopers-s/bin/bashjohn. 2. Bulkly create users and set password policies, using the for loop and chpasswd commands. 3. Check and fix common errors, home directory and shell settings. 4. Implement best practices such as strong cryptographic policies, regular audits and the principle of minimum authority. 5. Optimize performance, use sudo and adjust PAM module configuration. Through these methods, users can be effectively managed and system security can be improved.

Linux Operations: File System, Processes, and MoreMay 05, 2025 am 12:16 AM

The core operations of Linux file system and process management include file system management and process control. 1) File system operations include creating, deleting, copying and moving files or directories, using commands such as mkdir, rmdir, cp and mv. 2) Process management involves starting, monitoring and killing processes, using commands such as ./my_script.sh&, top and kill.

Linux Operations: Shell Scripting and AutomationMay 04, 2025 am 12:15 AM

Shell scripts are powerful tools for automated execution of commands in Linux systems. 1) The shell script executes commands line by line through the interpreter to process variable substitution and conditional judgment. 2) The basic usage includes backup operations, such as using the tar command to back up the directory. 3) Advanced usage involves the use of functions and case statements to manage services. 4) Debugging skills include using set-x to enable debugging mode and set-e to exit when the command fails. 5) Performance optimization is recommended to avoid subshells, use arrays and optimization loops.

Linux Operations: Understanding the Core FunctionalityMay 03, 2025 am 12:09 AM

Linux is a Unix-based multi-user, multi-tasking operating system that emphasizes simplicity, modularity and openness. Its core functions include: file system: organized in a tree structure, supports multiple file systems such as ext4, XFS, Btrfs, and use df-T to view file system types. Process management: View the process through the ps command, manage the process using PID, involving priority settings and signal processing. Network configuration: Flexible setting of IP addresses and managing network services, and use sudoipaddradd to configure IP. These features are applied in real-life operations through basic commands and advanced script automation, improving efficiency and reducing errors.

Linux: Entering and Exiting Maintenance ModeMay 02, 2025 am 12:01 AM

The methods to enter Linux maintenance mode include: 1. Edit the GRUB configuration file, add "single" or "1" parameters and update the GRUB configuration; 2. Edit the startup parameters in the GRUB menu, add "single" or "1". Exit maintenance mode only requires restarting the system. With these steps, you can quickly enter maintenance mode when needed and exit safely, ensuring system stability and security.

Understanding Linux: The Core Components DefinedMay 01, 2025 am 12:19 AM

The core components of Linux include kernel, shell, file system, process management and memory management. 1) Kernel management system resources, 2) shell provides user interaction interface, 3) file system supports multiple formats, 4) Process management is implemented through system calls such as fork, and 5) memory management uses virtual memory technology.

See all articles