mirror of
https://github.com/LCTT/TranslateProject.git
synced 2025-01-13 22:30:37 +08:00
Xingyu.Wang
commit
0e02e545b7
@ -1,87 +0,0 @@
|
||||
translating by martin.
|
||||
|
||||
How to Setup Passwordless SSH Logon to Ubuntu 14.04
|
||||
================================================================================
|
||||
Hi all, today we'll gonna learn how we can setup Passwordless SSH Logon to Ubuntu 14.04 "Trusty". Only the workstations having the correct matching key pair (private and public) will be allowed to logon to the SSH server, without the key paring, access will not be allowed.
|
||||
|
||||
Usually, we need to enter username and password combination to connect to an SSH console. If the combination is correct to that of the system's then, we get access to the server else we are denied from the access. But, there is something more secure than Password logon, we have passwordless SSH logon using the encrypted keys.
|
||||
|
||||
If you want to enable this secured option, we can simply disable password-logon and only allow logon using an encryption key. When using encryption keys option, the client computer generates a private and public key pair. The client then must upload the public key to the SSH server authorized_key file. Before access is granted, the server and client computer validate the key pair. If the public key on the server matches the private key submitted via the client then access will be granted else will be denied.
|
||||
|
||||
This is a very secure way authenticating to a SSH server and it’s a recommended method if you wish to implement secure logon with single user SSH logon. Here's a quick step-wise process on how to enable Passwordless SSH logon.
|
||||
|
||||
### 1. Installing Openssh Server ###
|
||||
|
||||
First off all, we'll need to update our local repository index. To do so, we'll first need to run apt-get update as shown below.
|
||||
|
||||
$ sudo apt-get update
|
||||
|
||||
|
||||
|
||||
Now, we can install openssh-server by running following command.
|
||||
|
||||
$ sudo apt-get install openssh-server
|
||||
|
||||
|
||||
|
||||
### 2. Enabling Openssh Server ###
|
||||
|
||||
Now, we'll want to enable OpenSSH server after we successfully installed it on our Ubuntu 14.04 Operating System. The command to enable/start the server is given as follows.
|
||||
|
||||
$ sudo service ssh start
|
||||
|
||||
OR
|
||||
|
||||
$ sudo /etc/init.d/ssh start
|
||||
|
||||
### 3. Configuring Key Pair ###
|
||||
|
||||
After we have installed our OpenSSH Server and enabled it. We'll now finally wanna go for generating our Public and Private Key Pair. To do that, run the following command in a terminal or console.
|
||||
|
||||
$ ssh-keygen -t rsa
|
||||
|
||||
After running the above command, we'll be prompted to complete a series of tasks. The first will be where to save the keys, press Enter to choose the default location which is in a hidden .ssh folder in the home directory. The next prompt will be to enter the Paraphrase. I personally leave this blank (just press enter) to continue. It will then create the key pair and we’re done.
|
||||
|
||||
|
||||
|
||||
After generation of the key pair, we will need to **copy the client’s public key to the SSH server** or host inorder to create trusted relationship with it. We'll need to run the commands below to copy the client public key to the server.
|
||||
|
||||
$ ssh-copy-id user@ip_address
|
||||
|
||||
After the public key is copied to the server, we can now go and disable password logon via SSH. To do that, we'll need to open **/etc/ssh/ssh_config** via a text editor by run the commands below.
|
||||
|
||||
$ sudo nano /etc/ssh/sshd_config
|
||||
|
||||
Now, we'll need to uncomment the lines and set the values as shown below.
|
||||
|
||||
|
||||
|
||||
### 4. Restarting the SSH Server ###
|
||||
|
||||
Finally, after we are done configuring SSH Server, we'll want to restart our SSH Server so that all the changes will take affect. To restart one can run the following command in a terminal or the console.
|
||||
|
||||
$ sudo service ssh restart
|
||||
|
||||
OR
|
||||
|
||||
$ sudo /etc/init.d/ssh restart
|
||||
|
||||
|
||||
|
||||
Finally, we can now ssh in to the server without a password and only from the client having the same key pair not the password.
|
||||
|
||||
### Conclusion ###
|
||||
|
||||
Hurray! We have successfully enabled Passwordless SSH logon. It is a lot secure to enable Encrypted Key Pair SSH logon . This is a very secure way authenticating to a SSH server and it’s a recommended method if you wish to implement secure logon with single user SSH logon. So, if you have any questions, suggestions, feedback please write them in the comment box below. Thank you ! Enjoy Encrypted Secure SSH Login :-)
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
via: http://linoxide.com/ubuntu-how-to/setup-passwordless-ssh-logon-ubuntu-14-04/
|
||||
|
||||
作者:[Arun Pyasi][a]
|
||||
译者:[译者ID](https://github.com/译者ID)
|
||||
校对:[校对者ID](https://github.com/校对者ID)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
|
||||
|
||||
[a]:http://linoxide.com/author/arunp/
|
||||
@ -0,0 +1,85 @@
|
||||
设置Ubuntu14.04无密码登录SSH
|
||||
================================================================================
|
||||
大家好,今天我来向大家介绍如何在可信的Ubuntu12.04上设置无密码登录SSH功能。仅在工作站有正确的(公私)密钥以供匹配时SSH服务端才会允许你登录,反之访问将不会被允许。
|
||||
|
||||
正常情况下,我们需要连上SSH的控制台输入用户名和密码,两者结合使用。如果两者全部正确,我们就可以访问,反之访问被服务端拒绝。不过相比而言还有一种比用密码更安全的登录方式,我们用的不是密码在登录SSH我们用的是密钥。
|
||||
|
||||
如果你想使用这个安全的方式,我们只需简单的禁用密码登录并只允许密钥即可。使用这种方式时,客户端计算机上会产生公私一对密钥。接着客户端得把公钥上传到SSH服务端的密要验证文件中去。在访问被授予前,服务器及客户端电脑互验密钥对。如果服务器上的公钥与客服端提交的私钥匹配访问开始,否则访问被拒绝。
|
||||
|
||||
这是获取SSH服务器认证中非常安全的一种做法,如果你想为SSH用户登录实施安全的认证,这也是备受推崇的方式。这里快速的过一遍允许无密码登录SSH的配置过程。
|
||||
|
||||
### 1.安装Openssh服务端 ###
|
||||
|
||||
首先,我们需要更新我们的本地库索引。所以如下所见,我们需要先输入“apt-get update”
|
||||
|
||||
$ sudo apt-get update
|
||||
|
||||
|
||||
|
||||
现在我们可以通过以下命令安装openssh-server:
|
||||
|
||||
$ sudo apt-get install openssh-server
|
||||
|
||||
|
||||
|
||||
### 2. 开启openssh服务 ###
|
||||
|
||||
在OpenSSH已经成功安装在Ubuntu14.04操作系统上了之后,我们要启动OpenSSH的服务。以下命令让你启动/开启服务。
|
||||
|
||||
$ sudo service ssh start
|
||||
|
||||
OR
|
||||
|
||||
$ sudo /etc/init.d/ssh start
|
||||
|
||||
### 3. 配置密钥对 ###
|
||||
|
||||
在我们安装并启动了OpenSSH服务以后。现在终于到了要我们搞定公私钥对的时候了,在终端中运行以下命令:
|
||||
|
||||
$ ssh-keygen -t rsa
|
||||
|
||||
在运行完以上命令了以后,我们完成一系列的提示的任务。首先选择保存密钥路径,按回车将会选择默认路径即家目录的一个隐藏的.ssh文件夹。下一个提示是请输入提醒。我个人将此留白(回车过)。之后密钥对就会创建,大功告成。
|
||||
|
||||
|
||||
|
||||
在密钥对生成以后,我们需要将**客户端的上的公钥复制到SSH服务端**或者宿主来创建对客户端的信任关系。运行以下命令复制客户端的公钥到服务端。
|
||||
|
||||
$ ssh-copy-id user@ip_address
|
||||
|
||||
在公钥上传之后,我们现在可以不用通过密码登陆SSH了。为此,我们需要通过以下命令用文本编辑器打开**etc/ssh/ssh_config**。
|
||||
|
||||
$ sudo nano /etc/ssh/sshd_config
|
||||
|
||||
现在,我们需要按照下图所示去到几行注释并进行一些赋值。
|
||||
|
||||
|
||||
|
||||
### 4. 重启SSH服务 ###
|
||||
|
||||
最后,在我们配置完SSH服务端后,为了使改动生效我们需要重启SSH服务。在终端或控制台运行以下命令重启。
|
||||
|
||||
$ sudo service ssh restart
|
||||
|
||||
OR
|
||||
|
||||
$ sudo /etc/init.d/ssh restart
|
||||
|
||||
|
||||
|
||||
现在,我们可以试试不用密码仅用密钥配对的方式登录ssh服务端了。
|
||||
|
||||
### 总结 ###
|
||||
|
||||
太好了!我们成功的配置了无密码登录SSH。这是获取SSH服务器认证中非常安全的一种做法,如果你想为SSH但用户登录实施安全的认证这也是备受推崇的方式。所以,如果你还有什么问题或建议,请在意见框中向我们反馈。很欣慰你能读完,祝你SSH登录愉快 :-)
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
via: http://linoxide.com/ubuntu-how-to/setup-passwordless-ssh-logon-ubuntu-14-04/
|
||||
|
||||
作者:[Arun Pyasi][a]
|
||||
译者:[译者ID](https://github.com/译者ID)
|
||||
校对:[校对者ID](https://github.com/校对者ID)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
|
||||
|
||||
[a]:http://linoxide.com/author/arunp/
|
||||
Loading…
Reference in New Issue
Block a user