
SSH Accounts Management


2008-01-24 16:32:12

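Copyright notice: This is an original work. Reposting is permitted, provided that the original source, the author information and this notice are indicated with a hyperlink. Otherwise legal action will be pursued. http://yahoon.blog.51cto.com/13184/60573
The company is currently documenting its technical processes.
I have written a few articles too, and this is one of them. It is not difficult; please excuse my modest effort.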
 
 
SSH Accounts Management
20080124 created by yahoon
 
Because SSH and SFTP use the same protocol, account management is the same for both. That means once you have an SSH account, you can also use this account to access the server via SFTP.
Follow these steps (the shell commands on Linux are shown on their own lines):
1. CREATE AN SSH ACCOUNT
Log in to the Linux box as root and issue the command:
useradd user1
We assume user1 is the name of the client account.
 
2. SET PASSWORD FOR THE ACCOUNT
Use the command:
passwd user1
Then you will see the following on the console:
Changing password for user user1.
New UNIX password:
Enter the password twice; it must be at least 6 characters.
 
3. MAKE SSH KEY DIR FOR THE ACCOUNT
Issue the following commands:
cd  /home/user1
mkdir .ssh
NOTICE: THERE IS A DOT (.) AHEAD OF SSH! It means the dir is hidden.
 
4. CHANGE PERMISSIONS ON THE DIR
Change the owner of the .ssh dir to user1:
chown user1:user1 .ssh
 
5. CREATE THE KEYS
Switch to user1:
su user1
Generate the keys:
ssh-keygen -d
You will be asked several questions; just leave them blank and press 'Enter'. The output looks something like this:
Enter file in which to save the key (/home/user1/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/user1/.ssh/id_dsa.
Your public key has been saved in /home/user1/.ssh/id_dsa.pub.
The key fingerprint is:
f1:f7:e2:b9:f6:c1:33:76:94:36:5b:80:7c:1f:f2:e0 user1@centos1
The file /home/user1/.ssh/id_dsa is the private key, which the client should keep.
The file /home/user1/.ssh/id_dsa.pub is the public key, which should be kept on the server.
 
6. RENAME THE PUBLIC KEY FILE TO TAKE EFFECT
Issue the commands:
cd /home/user1/.ssh
mv id_dsa.pub authorized_keys
 
Alternatively, the client can generate the keys locally, for example by using OpenSSH on a Windows box, and then upload the public key file to the directory /home/user1/.ssh/ on the server. Never forget to rename the file to authorized_keys on the server.
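
The script below is an added example, not part of the original article. It audits the .ssh layout that steps 3 to 6 produce: ownership, write permissions, a private key left on the server, and ssh-dss entries (OpenSSH has disabled DSA keys by default since release 7.0). The names audit_ssh_dir and make_fixture, and the fixture contents, are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit the layout that steps 3-6 leave in HOME_DIR/.ssh.
# Usage: audit_ssh_dir HOME_DIR OWNER   (OWNER is a user name or numeric uid)
# Prints one finding per line; returns 0 when clean, 1 otherwise.
audit_ssh_dir() {
    dir=$1/.ssh; owner=$2; keys=$dir/authorized_keys; rc=0
    if [ ! -d "$dir" ]; then echo "MISSING $dir"; return 1; fi
    for p in "$dir" "$keys"; do
        if [ ! -e "$p" ]; then echo "MISSING $p"; rc=1; continue; fi
        # Step 4: the directory and the key file should belong to the account.
        [ -z "$(find "$p" -prune ! -user "$owner" -print)" ] ||
            { echo "OWNER $p is not owned by $owner"; rc=1; }
        # sshd with StrictModes refuses keys in group- or world-writable paths.
        [ -z "$(find "$p" -prune \( -perm -020 -o -perm -002 \) -print)" ] ||
            { echo "WRITABLE $p is group- or world-writable"; rc=1; }
    done
    # Step 5 creates the private key on the server; the client should hold it.
    for f in "$dir"/*; do
        [ -f "$f" ] && grep -q 'PRIVATE KEY-----' "$f" 2>/dev/null &&
            { echo "PRIVKEY $f is a private key stored on the server"; rc=1; }
    done
    # ssh-keygen -d produces DSA keys (ssh-dss lines in authorized_keys).
    [ -f "$keys" ] && grep -q 'ssh-dss ' "$keys" &&
        { echo "DSA $keys contains an ssh-dss key"; rc=1; }
    return $rc
}

# Constructed fixture mirroring the article's end state (placeholder key text).
make_fixture() {
    h=$(mktemp -d) && mkdir "$h/.ssh" && chmod 755 "$h/.ssh" &&
    printf '%s\n' '-----BEGIN DSA PRIVATE KEY-----' '(constructed placeholder)' \
        > "$h/.ssh/id_dsa" &&
    echo 'ssh-dss AAAAconstructedplaceholder user1@centos1' \
        > "$h/.ssh/authorized_keys" &&
    chmod 644 "$h/.ssh/authorized_keys" && echo "$h"
}

fx=$(make_fixture)
audit_ssh_dir "$fx" "$(id -u)" || echo "fix the findings listed above"
rm -rf "$fx"
```

On a real server, run it as root with the account's home directory and name, for example audit_ssh_dir /home/user1 user1.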
 
 

This article comes from the “yahoon的小屋” blog; please be sure to keep this source: http://yahoon.blog.51cto.com/13184/60573





    Comments
 
2008-01-24 16:45:37
Hehe.
Finished reading.
Bump. Great article!!!!
Pushed to the blog circle
http://g.51cto.com/linux

2008-01-24 17:02:53
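The username in step 6 is wrong, isn't it?
It should be: cd /home/user1/.ssh
because the keys were created as the user1 user.
One more thing, about that last sentence:
Never forget to ...... it would be best to add "in server" at the end, meaning the rename is done on the server side.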

2008-01-24 17:13:37
Many thanks to Brother Kunlun for the pointers.
Corrected.

2008-05-13 14:28:49
Nicely written, Brother Yahoon.

 
