1、资料

2、sshd配置

1
vi /etc/ssh/sshd_config
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
PermitRootLogin yes
StrictModes no
PubkeyAuthentication yes
AuthorizedKeysFile  .ssh/authorized_keys
PasswordAuthentication no
ClientAliveInterval 3
ClientAliveCountMax 10
UseDNS no
# 允许ssh端口转发
AllowAgentForwarding yes 
AllowTcpForwarding yes 
GatewayPorts yes 
X11Forwarding yes
1
vi /etc/ssh/ssh_config
1
2
StrictHostKeyChecking no
UserKnownHostsFile /dev/null

3、使用私钥登录

1
2
3
4
5
6
7
# 远端生成密钥对
ssh-keygen -t rsa;
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
# 客户端拿到远端生成id_rsa(私钥)登录
mv id_rsa id_rsa.pem
chmod 0400 id_rsa.pem
ssh -p 22 -i id_rsa.pem user@remote-host

4、免密码登录

1
2
3
4
# 客户端生成密钥对
ssh-keygen -t rsa
# 将客户端生成的公钥放到远端用户~/.ssh/authorized_keys
ssh-copy-id -i ~/.ssh/id_rsa.pub user@remote-host