CentOS7 启用密钥登录

本教程以root用户演示
1.进入该用户根目录

cd ~

2.创建密钥

[root@slave1 ~]# ssh-keygen 
Generating public/private rsa key pair.
#该命令提示的意思是：让我们定义私钥的存放路径，默认存在的路径是在/root/.ssh/id_rsa的下面
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
#该命令提示的意思是：定义私钥的密码，一般为了免密默认的留空，直接的回车
Enter passphrase (empty for no passphrase): 
该命令提示的意思是：确认密码设置
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:QuZWoxNQTWlFd5/wHmGiO/aQJH97sExwWO8gOzT38WI root@slave1
The key's randomart image is:
+---[RSA 2048]----+
|    ...o.+o .+.o |
|     .  +  .+.*.o|
|      +.o. O + *.|
|     + + .= X = +|
|      * S  X +E+.|
|     . o  . O.+. |
|             = . |
|              .  |
|                 |
+----[SHA256]-----+
[root@slave1 ~]# 

3.SSDH默认公钥文件为authorized_keys，可在配置中修改，此处使用默认配置。 创建authorized_keys，将公钥写入该文件并且授权。

[swack@localhost ~]$ touch .ssh/authorized_keys
[swack@localhost ~]$ cat /home/swack/.ssh/id_rsa.pub >> /home/swack/.ssh/authorized_keys

4.修改SSHD配置

vim /etc/ssh/sshd_config

修改以下参数

禁止密码登录
PasswordAuthentication no
启用密钥登录
PubkeyAuthentication yes

5.重启SSHD

systemctl reload sshd