How to Manage VPS with RSA file?

xmg · 8月20日 · 2020年 · ·

1st. Generate RSA Certificates as below

ssh-keygen -b 4096 -t rsa

notes: the default length of the RSA is 2048, 4096 will be more safe.

2nd. Press Enter key to confirm the path where the Certificates be stored when you see the information as below:

Enter file in which to save the key (/root/.ssh/id_rsa):

3rd. Input password of the certificates.
4th. set the pubkey as below:

cat /root/.ssh/ >> /root/.ssh/authorized_keys

Notes:”>>” means add new key information to the file “authorized_keys” but not “overwrite”, if you want to “overwrite” the old information in the “authorized_keys”, you should use “>” instead of the “>>”.

5th. Change the permissions of the file and directory as below:

chown -R 0700  ~/.ssh
chown -R 0640  ~/.ssh/authorized_keys

6th. Modify the sshd_config file to forbiden the password login and allow the Pubkey & RSA way login, you can do it by FTP way or SSH way.(the path of the sshd_config is /etc/ssh/sshd_config)

RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile      .ssh/authorized_keys
PasswordAuthentication no 

7th. Reload the sshd service in order to run the changes right away.

service sshd restart

a. after you generate the RSA files you should download the id_rsa to your local pc and delete it from the server.
b. you’d better do not set the “PasswordAuthentication yes” to “PawwsordAuthentication no” before you make sure the “PubkeyAuthentication yes” works well or you may be in trouble for you may have no way to access to the server unless you have further more methods to manage it.

0 条回应