首先在服务器上生成密钥

[root@localhost support-files]# ssh-keygen -b 1024 -t rsa 生成密钥

Generating public/private rsa key pair.

Enter file in which to save the key (/root/.ssh/id_rsa): 安装路径 直接回车默认就好

Created directory '/root/.ssh'.

Enter passphrase (empty for no passphrase): 输入密钥的通行短语

Enter same passphrase again: 确认短语

Your identification has been saved in /root/.ssh/id_rsa.

Your public key has been saved in /root/.ssh/id_rsa.pub.

The key fingerprint is:

b7:d1:01:3d:44:bc:9e:29:48:5b:e6:fd:b3:e0:bc:68 root@localhost.localdomain

[root@localhost support-files]# cd /root/.ssh/ 会生成2个 密钥

id_rsa id_rsa.pub

[root@localhost support-files]# vi /root/.ssh/authorized_keys 创建authorized_keys文件

[root@localhost support-files]# chmod 700 /root/.ssh/authorized_keys 赋予权限

[root@localhost support-files]# cat /root/.ssh/id_rsa.pub >>/root/.ssh/authorized_keys 将公钥拷贝到文件里

如果使用CRT进行远程链接将id_rsa 拷贝到windows里

如果使用的是putty 需要转换 具体步骤如下

使用putty key generator转换

将id_rsa 放进去 输入刚才生成的短语

点击保存

保存的文件要为xxx.ppk

[root@localhost ~]# vi /etc/ssh/sshd_config 打开ssh配置文件将以下三行注释

RSAAuthentication yes

PubkeyAuthentication yes

AuthorizedKeysFile .ssh/authorized_keys

PasswordAuthentication yes 改为 no 不允许密码登陆

注：winSCP 用的密钥文件也是.ppk

最后重启sshd大功告成