查看Linux 版本号:cat /etc/redhat-release
——————————————————————————————————————————————————————————————————
#安装密钥
ssh-keygen -t rsa
cd /root/.ssh/
#创建authorized_keys存储公钥
touch /root/.ssh/authorized_keys
#把公钥写入authorized_key
cat id_rsa.pub > authorized_keys
chmod 700 /root/.ssh
chmod 600 /root/.ssh/authorized_keys
——————————————————————————————————————————————————————————————————
防火墙开放端口:
1、查询防火墙的状态:
systemctl status firewalld
如若没启动则开启: systemctl start firewalld
2、永久开启端口
firewall-cmd --permanent --zone=public --add-port=56235/tcp
移除端口:
firewall-cmd --permanent --zone=public --remove-port=22/tcp
3、重载防护墙
firewall-cmd --reload
4、查看防火墙开放的端口
firewall-cmd --permanent --list-port
firewall-cmd --zone=public --list-all
——————————————————————————————————————————————————————————————————
增加SElinux端口:
yum provides semanage
yum -y install policycoreutils-python
semanage port -a -t ssh_port_t -p tcp 5654
semanage port -l | grep ssh
firewall-cmd --state
systemctl start firewalld
systemctl enable firewalld
vi etc/ssh/sshd_config
#开启密钥登入的认证方式
RSAAuthentication yes
#使用公钥
PubkeyAuthentication yes
#禁用密码登录
PasswordAuthentication no
修改配置如下:
PubkeyAuthentication yes # 是否允许密钥登入
PermitRootLogin yes #此处请留意 root 用户能否通过 SSH 登录,默认为yes
AuthorizedKeysFile .ssh/authorized_keys #默认公钥存放的位置
#重启 SSH 服务
systemctl restart sshd.service
备注:id_rsa 下载这个文件,使用密钥登录