1. General

For the use of Linux operating system, the importance of SSH is self-evident. However, you have to enter a lengthy user name @ host IP every time you log in, and sometimes you forget the user name / host IP. It is also a waste of time to check the records again, so this time we need to configure the SSH login configured to the server to realize secret free login.

2. Configuration

2.1 the premise of configuration is that both the local user machine and the server have SSH key public key pairs

# Under Windows
ssh-keygen.exe # Press enter all the time
#Under Linux
ssh-keygen # Also keep returning

2.2 after completion ~ / Two folders will be generated under ssh directory

known_hosts: is the connected host information
id_rsa: private key (not exposed)
id_rsa.pub
config:SSH configuration file

2.3 modify / etc / SSH / sshd on the server side_ config

Add PubkeyAuthentication yes. If it is original, just cancel the comment

After that, restart the ssh service

/etc/init.d/ssh restart
# Some systems will be the following and will not be affected, as long as the SSH service can be restarted
/etc/init.d/sshd restart

2.4 creating authorized_keys file

a. Copy the SSH public key of the host to the server

scp ~/.ssh/id_rsa.pub user@xx.xx.xx.xx:~/.ssh/authorized_keys

b. Modify authorized_ Permissions of keys

The system cannot allow users other than the owner to authorize_ The keys file has write permission. Otherwise, sshd will not allow the file to be used because it may be tampered with by other users. So I need to give it to authorized_keys change the permission 600

root@iZuf633xawg78i05qrd9v9Z:~# chmod 600 .ssh/authorized_keys 
root@iZuf633xawg78i05qrd9v9Z:~# ll .ssh/
total 24
drwx------  2 root root 4096 Mar 18 10:58 ./
drwx------ 11 root root 4096 Mar 18 10:58 ../
-rw-------  1 root root  808 Mar 18 10:58 authorized_keys
-rw-------  1 root root 1675 Aug  6  2019 id_rsa
-rw-r--r--  1 root root  410 Aug  6  2019 id_rsa.pub
-rw-r--r--  1 root root 1990 Mar 18 10:53 known_hosts
root@iZuf633xawg78i05qrd9v9Z:~# 

2.5 password free login

When you're done, you can use ssh user@ip Password free login

➜  ~ ssh root@xxxx.xxxx.xxxx.xxxx
Welcome to Ubuntu 18.04.2 LTS (GNU/Linux 4.15.0-52-generic x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

 * Latest Kubernetes 1.18 beta is now available for your laptop, NUC, cloud
   instance or Raspberry Pi, with automatic updates to the final GA release.

     sudo snap install microk8s --channel=1.18/beta --classic

 * Multipass 1.1 adds proxy support for developers behind enterprise
   firewalls. Rapid prototyping for cloud operations just got easier.

     https://multipass.run/

 * Canonical Livepatch is available for installation.
   - Reduce system reboots and improve kernel security. Activate at:
     https://ubuntu.com/livepatch

Welcome to Alibaba Cloud Elastic Compute Service !

2.6 reference links

2.6.1 SSH configuration

• Set SSH password free login to remote server
• SSH set public key authentication
• Configure custom SSH connections to simplify remote access
• SSH configuration authorized_ After keys, you still need to enter the password

If you use WSL, you must know that WSL and Windows share a set of ports

• WSL usage guide -- shared port

3. Optimize login mode

3.1 operation method

Regular ssh user@IPaddress It's still a little troublesome, especially in Powershell without historical command prompt, and SSH just has this configuration item

The directory structure of this file is:

➜  ~ type .\.ssh\config
#Ali Server
Host ali  # Host name, from any
  HostName xx.xx.xxx.xx  # Connection address, usually ssh user@xxx.xx Rear of
  User root  # User to log in
# Embed Linux Server
Host lite
  HostName 192.168.107.130
  User lite
➜  ~

This config can be regarded as a script file. The official has written the program. What you need to do is to add the parameters used in the script. After saving, of course, give it 600 permissions. Finally, try the effect:

➜  ~ ssh lite # No longer need to input lengthy instructions, a small sentence can be achieved
Welcome to Ubuntu 18.04.4 LTS (GNU/Linux 5.3.0-42-generic x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage


 * Canonical Livepatch is available for installation.
   - Reduce system reboots and improve kernel security. Activate at:
     https://ubuntu.com/livepatch

0 packages can be updated.
0 updates are security updates.

Your Hardware Enablement Stack (HWE) is supported until April 2023.
Last login: Wed Mar 18 05:25:17 2020 from 192.168.107.1

3.2 acknowledgement

Thanks for the tutorials of these brothers. Another brother explained the process of SSH connection in detail.

• Simplify ssh server connection process
• <!--SSH Config what you know and don't know-->