[root@localhost ~]# ssh-keygen -t rsa -b 4096 Generating public/private rsa key pair. Enter file in which to save the key(/root/.ssh/id_rsa): Enter passphrase(empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: SHA256:ycOtSDK8ud2kd6EH7OxoQuc1BFb1HJ3T/kvAQJt0LrI firstname.lastname@example.org The key's randomart image is: +---[RSA 4096]----+ | ...oo.o o | | o .+=.+ .| | . . . +=. o | | . o.oo .o .| | + .oSE. . .| | .*..=o. ..| | .oo.+o+ . . .| | .oo== o . | | .o+ooo | +----[SHA256]-----+
[root@localhost ~]# ll ~/.ssh/ total 8 -rw------- 1 root root 3389 May 1308:26 id_rsa -rw-r--r-- 1 root root 752 May 1308:26 id_rsa.pub
[root@localhost ~]# ssh-copy-id email@example.com /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub" The authenticity of host '192.168.43.139 (192.168.43.139)' can't be established. ECDSA key fingerprint is SHA256:7O1oIOooh4NZG87aC3v1Zz/vcTXkjOhQBnlkY0CD4y0. Are you sure you want to continueconnecting(yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys Password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'firstname.lastname@example.org'" and check to make sure that only the key(s) you wanted were added.
[root@localhost ~]# ssh 192.168.43.139 Last login: Tue May 1212:33:412020 from 192.168.43.137
[root@localhost ~]# ssh 192.168.43.139 Last login: Tue May 1212:33:412020 from 192.168.43.137 [root@localhost ~]# vim /etc/ssh/sshd_config 搜索一下三条，将选项改为No PasswordAuthentication no ChallengeResponseAuthentication no UsePAM no