1. 生成复杂root密码
# openssl rand -base64 12
a+uJ29c3ECR0BMAv
2. 生成sshkey
# ssh-keygen -N '' -b 2048 -t rsa -f srv-2-96
srv-2-96 srv-2-96.pub
3. sshkey公匙拷贝到目标服务器
# ssh-copy-id -f -i srv-2-96.pub [email protected]
4. 目标服务器变更ssh登录配置
# ssh仅允许sshkey登录
vim /etc/ssh/sshd_config
......
Port 29922
RSAAuthentication yes
PubkeyAuthentication yes
ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no
......
# systemctl force-reload sshd && systemctl restart sshd
标签:方案,sshd,sshkey,登录,srv,ssh,服务器,96
From: https://www.cnblogs.com/liujitao79/p/17997139