ssh证书登录

下文讲演示如何利用ssh key 证书实现ssh登陆：

1.[root@postfix .ssh]# vim /etc/ssh/sshd_config 

   修改ssh配置文件：

        RSAAuthentication yes

        PubkeyAuthentication yes

        AuthorizedKeysFile      .ssh/authorized_keys

        StrictModes no

        PermitEmptyPasswords no

        PasswordAuthentication no

2. cd /home/tangbo

    mkdir .ssh

touch .ssh/authorized_keys

chmod 700 .ssh/

chmod 600 .ssh/authorized_keys

chown -R tangbo:tangbo .ssh

3.service sshd restart

4.生成证书：在客户端生成

  ssh-keygen  -t rsa  

  [root@postfix .ssh]# cat authorized_keys 

  将公钥文件复制到该目录内：ssh-rsa      AAAAB3NzaC1yc2EAAAABIwAAAIEAyAfDQ6UOGLS2drrrJtFYo1F2gvIN6nryxtoV9kCn+dU0hawpqWeYQX1q4qlYNplpESdMV87pSATAfuGihXh0qTY3YAEQhSJst9UniuBwi6lU9jyym8IzWcWe7cmOhoB4gR9u86QItfXLzmLPtMwzd91xgOq2VfhYIMbqXPMPWrM=

5.私钥用于客户端