Home >Operation and Maintenance >Linux Operation and Maintenance >How to configure and manage SSH key pairs in Linux SysOps
Configuration and management method of SSH key pair in Linux SysOps
In Linux system operation and maintenance (SysOps), SSH (Secure Shell) is a commonly used Remote login and management tools. The configuration and management of SSH key pairs is an important part of ensuring connection security and simplifying the login process. This article will introduce how to configure and manage SSH key pairs and provide specific code examples.
SSH key pair usually consists of public key and private key. The public key is used to encrypt data, and the private key is used to decrypt it. The generation and configuration of the key pair is divided into the following steps:
Generate the key pair
First, execute the following command in the Linux terminal to generate the key pair:
$ ssh-keygen -t rsa -b 4096
This command will generate a 4096-bit RSA key pair and save the public key and private key in ~/.ssh/id_rsa.pub
and # respectively. ##~/.ssh/id_rsa file.
Next, copy the generated public key content to the
~/.ssh/authorized_keys file of the target server to achieve Public key authentication. The public key can be copied to the target server using the following command:
$ ssh-copy-id user@host
user is the username of the target server and
host is the target The IP address or domain name of the server.
In order to ensure the security of the SSH key pair, you need to modify the configuration of the SSH server. Edit the
/etc/ssh/sshd_config file on the target server and set the following parameters to the corresponding values:
PubkeyAuthentication yes PasswordAuthentication no PermitRootLogin no
PubkeyAuthentication To
yes, enable public key authentication; set
PasswordAuthentication to
no, disable password authentication; set
PermitRootLogin to
no , prohibit logging in as root user.
Execute the following command on the target server to reload the SSH service and make the configuration take effect:
$ systemctl reload sshd
$ ssh user@hostwhere
user is the user name of the target server, and
host is the IP address or domain name of the target server.
The above is the detailed content of How to configure and manage SSH key pairs in Linux SysOps. For more information, please follow other related articles on the PHP Chinese website!