How to Set Up SSH Keys In Ubuntu
来源:互联网 发布:程控切纸机程序编程 编辑:程序博客网 时间:2024/05/17 07:08
http://superuser.com/questions/232362/how-to-convert-ppk-key-to-openssh-key-under-linux
- Linux:
sudo apt-get install putty-tools
- OS X:
brew install putty
puttygen id_dsa.ppk -O private-openssh -o id_dsa
方法一:http://www.ubuntulinuxhelp.com/how-to-ssh-on-ubuntu-a-simple-guide/
The SSH Client
The SSH Client is the piece of software that you have on the computer you are sitting in front of and typing on. It sends messages to the SSH server which is on the remote computer (such as the webserver). We’ll assume that there is already a valid SSH server up and running that you are trying to connect to.
In Ubuntu, there is a SSH client installed as standard and it is called Open SSH.
To use it, you simply open a terminal and proceed any command with “ssh”.
For example, if you would like to log in to your remote server, just use the command…
ssh username@mysite.myserver.org
However, as this is a blog that likes to keep things simple (and annoy a lot of the die-hard Linux geeks), I’m going to suggest a different tool… PuTTY.
PuTTY is a client program for SSH (among other things) and gives a neat little interface for making SSH connections. It is also in my opinion one of the best pieces of software ever written. It has been around for ever and can also be used on Windows without installation (just runs as a .exe). Learn this little guy and you will never look for another SSH client.
Install PuTTY by typing the following into a terminal…
sudo apt-get install putty
You will then find the PuTTY program among your other internet applications.
(When you start it up, you will be able to enter the ip address or name of the remote computer you wish to contact and click connect. You will then be asked for password etc. If you are going to be using SSH regular, you can save that connection as a profile which makes things easier).
原文地址:https://www.digitalocean.com/community/articles/how-to-set-up-ssh-keys--2
How to Set Up SSH Keys
About SSH Keys
SSH keys provide a more secure way of logging into a virtual private server with SSH than using a password alone. While a password can eventually be cracked with a brute force attack, SSH keys are nearly impossible to decipher by brute force alone. Generating a key pair provides you with two long string of characters: a public and a private key. You can place the public key on any server, and then unlock it by connecting to it with a client that already has the private key. When the two match up, the system unlocks without the need for a password. You can increase security even more by protecting the private key with a passphrase.
Step One—Create the RSA Key Pair
The first step is to create the key pair on the client machine (there is a good chance that this will just be your computer):
ssh-keygen -t rsa
Step Two—Store the Keys and Passphrase
Once you have entered the Gen Key command, you will get a few more questions:
Enter file in which to save the key (/demo/.ssh/id_rsa):
You can press enter here, saving the file to the user home (in this case, my example user is called demo).
Enter passphrase (empty for no passphrase):
It's up to you whether you want to use a passphrase.
Entering a passphrase does have its benefits: the security of a key, no matter how encrypted, still depends on the fact that it is not visible to anyone else. Should a passphrase-protected private key fall into an unauthorized users possession, they will be unable to log in to its associated accounts until they figure out the passphrase, buying the hacked user some extra time. The only downside, of course, to having a passphrase, is then having to type it in each time you use the Key Pair.
The entire key generation process looks like this:
ssh-keygen -t rsaGenerating public/private rsa key pair.Enter file in which to save the key (/demo/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /demo/.ssh/id_rsa.Your public key has been saved in /demo/.ssh/id_rsa.pub.The key fingerprint is:4a:dd:0a:c6:35:4e:3f:ed:27:38:8c:74:44:4d:93:67 demo@aThe key's randomart image is:+--[ RSA 2048]----+| .oo. || . o.E || + . o || . = = . || = S = . || o + = + || . o + o . || . o || |+-----------------+
The public key is now located in /demo/.ssh/id_rsa.pub
The private key (identification) is now located in /demo/.ssh/id_rsa
Step Three—Copy the Public Key
Once the key pair is generated, it's time to place the public key on the virtual server that we want to use.
You can copy the public key into the new machine's authorized_keys file with the ssh-copy-id command. Make sure to replace the example username and IP address below.
ssh-copy-id user@123.45.56.78
Alternatively, you can paste in the keys using SSH:
cat .ssh/id_rsa.pub | ssh user@123.45.56.78 "cat >> ~/.ssh/authorized_keys"
No matter which command you chose, you should see something like:
The authenticity of host '12.34.56.78 (12.34.56.78)' can't be established.RSA key fingerprint is b1:2d:33:67:ce:35:4d:5f:f3:a8:cd:c0:c4:48:86:12.Are you sure you want to continue connecting (yes/no)? yesWarning: Permanently added '12.34.56.78' (RSA) to the list of known hosts.user@12.34.56.78's password: Now try logging into the machine, with "ssh 'user@12.34.56.78'", and check in: ~/.ssh/authorized_keysto make sure we haven't added extra keys that you weren't expecting.
Now you can go ahead and log into user@12.34.56.78 and you will not be prompted for a password. However, if you set a passphrase, you will be asked to enter the passphrase at that time (and whenever else you log in in the future).
Optional Step Four—Disable the Password for Root Login
Once you have copied your SSH keys unto your server and ensured that you can log in with the SSH keys alone, you can go ahead and restrict the root login to only be permitted via SSH keys.In order to do this, open up the SSH config file:
sudo nano /etc/ssh/sshd_config
Within that file, find the line that includes
PermitRootLogin
and modify it to ensure that users can only connect with their SSH key:PermitRootLogin without-password
Put the changes into effect:
reload ssh
Digital Ocean Addendum
The Digital Ocean control allows you to add public keys to your new droplets when they're created. You can generate the SSH Key in a convenient location, such as the computer, and then upload the public key to the SSH key section.
Then, when you create a new VPS, you can choose to include that public key on the server. No root password will be emailed to you and you can log in to your new virtual private server from your chosen client. If you created a passphrase, you will be prompted to enter that upon login.
- How to Set Up SSH Keys In Ubuntu
- How To Set Up Database Replication In MySQL On Ubuntu
- How-To: Set up SVN with Apache2 in Linux (Ubuntu)
- How to Set Up Your Own Home Seedbox (in Windows)
- Chinese Input Methods in Ubuntu 14, 13, 12, 11, and 10(How to Set Up Ubuntu Chinese IMEs)
- How to set up IceScrum on Ubuntu 12.04
- How to Set Up vsftpd on Ubuntu 12.04
- How To Set Up an OpenVPN Server on Ubuntu 14.04
- How To Set Up vsftpd on Ubuntu 12.04
- How To Set Up an OpenVPN Server on Ubuntu 14.04
- How to set up MultiComboBoxColumn?
- How to set up a repository's origin branch to be SSH
- Set up SVN in Ubuntu
- How to set network proxy for terminal in Ubuntu
- SD-How to set up sales area
- How to Set Up a Cron Job
- how to set up a plan
- How to Set Up a Cron Job
- 阅读优秀代码是提高开发人员修为的一种捷径
- VC操作Windows快捷方式(自己总结)
- 第一个Android项目——计算器
- Struts2中namespace的用法
- 努力在今天
- How to Set Up SSH Keys In Ubuntu
- 程序员的怎样快速成长进步
- android4.2编译(ubuntu 64位)
- 二叉树-最近公共祖先(LCA)
- nginx学习资料
- 添加/system/etc/init.d脚本支持
- Linux进程间通信——使用数据报套接字
- python学习资料
- Why and how to pack your textures for iOS/Android