服务器端配置 

OS: Debian-6.0.5 

复制代码

代码如下:

#apt-get install ssh 安装ssh服务




编辑/etc/ssh/sshd_config配置文件 



复制代码

代码如下:


Port 3322 #修改端口为3322(自定义) 
PermitRootLogin no #禁止root用户远程登录 
PubkeyAuthertication yes #允许用key登录 
PasswordAuthertication no #禁止远程ssh客户端用密码登录 


iptables设置 开启3322端口允许访问 



复制代码

代码如下:

iptables -I INPUT -p tcp --dport 3220 -j ACCEPT


方法一:管理员在服务器端为普通用户生成key 



(若无用户,先新建用户。debian用adduser) 



如为用户名为fengzhige生成ssh key, 



复制代码

代码如下:


adduser fengzhige #添加用户 
su - fengzhige #用fengzhige用户登录 


用ssh-keygen生成key 




复制代码

代码如下:

ssh-keygen -t rsa #生成RSA类型的key 
 
root@debian-2:~# su - fengzhige 
 
fengzhige@debian-2:~$ pwd 
 
/home/fengzhige 
 
fengzhige@debian-2:~$ ssh-keygen -t rsa 
 
Generating public/private rsa key pair. Enter file in which to save the key (/home/fengzhige/.ssh/id_rsa): fengzhige-key 
 
Enter passphrase (empty for no passphrase): 
 
Enter same passphrase again: Your identification has been saved in fengzhige-key. 
 
Your public key has been saved in fengzhige-key.pub. The key fingerprint is: f1:f5:5c:59:aa:4d:7d:b2:9a:56:c8:bc:50:8b:87:80 
 
fengzhige@debian-2 The key's randomart image is: 
 
+--[ RSA 2048]----+ 
 
| .| 
 
| . oo| 
 
| E o o +.+| 
 
| + B O +.| 
 
| S = B * | 
 
| o = | 
 
| = | 
 
| . | 
 
| | 
 
+-----------------+ 
 
fengzhige@debian-2:~$


对公钥设置一下 



复制代码

代码如下:

把私钥保存到有SecureCRT的客户端上。 

debian 下的ssh-keygen生成的key会在当前目录下: 
 
(fengzhige-key 私 fengzhige-key.pub 公) 
 
cd /home/fengzhige 
 
cd .ssh #可新建.ssh目录,公钥放在这里 
 
cat id_key.pub >> authorized_keys #改为指定的文件名authorized_keys



连接:

​​

 

​​

 

​​