linux 禁用密码登录

Last updated on June 3, 2026 am

🧙 Questions

使用密码登录服务器,容易被破解,禁止使用密码登录服务器

☄️ Ideas

开启密码禁用

vim /etc/ssh/sshd_config

配置禁止密码登录

PasswordAuthentication no

重启ssh服务

service sshd restart

sshd漏洞升级

vim /etc/ssh/sshd_config

# MAC 禁用 sha1
MACs hmac-sha2-256,hmac-sha2-512,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com
# 安全密钥交换(禁用所有弱DH、SHA1)
KexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256
# 安全配置(仅保留现代算法)
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr

# 重启SSH生效
systemctl reload sshd
systemctl restart sshd
````

#### 配置公钥登录

> 服务器中生成ssh文件

```bash
# 一路回车
ssh-keygen
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
chmod 0600 ~/.ssh/authorized_keys
ssh-keyscan -H isxcode >> ~/.ssh/known_hosts

本地生成ssh文件,如果存在不需要再次生成

# 一路回车
ssh-keygen
cat ~/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCqo2iGsQ0mKTGVkMeFeNJZNbA+WYjYcC3h60o67IfdOyAcSwB3b94og6ApGWpcMMdFZYK/9vg425SFstuQjmXqGsLaa0g4WNnNqql4q9woHrapvjS2EgCwMoStolZmSZi3epq5Fr+PhH9fZ23jhggud2EUK1ozOcldHbxgeYjEIFDBK5BcOTE0e5gULyjjL7bplKR0WS9i03z1iVV/3fvQ0J+0IregU/FKE7EoXgYqVQXyG/hA93qESWtlLGr6o1JRCx3nSVL5/7tADwtJSs0t6XjYZaumb3SO5D2FpJ3akAoSiDzLKWvMfcnCWrVEeAMEb1UXrXxI+S74wVJZEx+99vZMp8VZXembDDGQcT0TAXScxWihfYvgntJpTwTX2k40EjFo0VYO2aR6GIITdXFOvtJL66oFI+sV7G0WgGm0WY77vZfyNMVbBzTKxJhSLyr7B1Z7WRhhdOIWluybtA6SPaWCBwLHkEQRGoWKir/MjWbCIwcqG9uinyUJXmkwZ6c= ispong@ispong-mac.local

将本地的公钥复制到服务器中的authorized_keys文件中

tee -a ~/.ssh/authorized_keys <<-'EOF'
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCqo2iGsQ0mKTGVkMeFeNJZNbA+WYjYcC3h60o67IfdOyAcSwB3b94og6ApGWpcMMdFZYK/9vg425SFstuQjmXqGsLaa0g4WNnNqql4q9woHrapvjS2EgCwMoStolZmSZi3epq5Fr+PhH9fZ23jhggud2EUK1ozOcldHbxgeYjEIFDBK5BcOTE0e5gULyjjL7bplKR0WS9i03z1iVV/3fvQ0J+0IregU/FKE7EoXgYqVQXyG/hA93qESWtlLGr6o1JRCx3nSVL5/7tADwtJSs0t6XjYZaumb3SO5D2FpJ3akAoSiDzLKWvMfcnCWrVEeAMEb1UXrXxI+S74wVJZEx+99vZMp8VZXembDDGQcT0TAXScxWihfYvgntJpTwTX2k40EjFo0VYO2aR6GIITdXFOvtJL66oFI+sV7G0WgGm0WY77vZfyNMVbBzTKxJhSLyr7B1Z7WRhhdOIWluybtA6SPaWCBwLHkEQRGoWKir/MjWbCIwcqG9uinyUJXmkwZ6c= ispong@ispong-mac.local
EOF

即可从本地访问服务器!!!

openssh密钥 转 rsa密钥

ssh-keygen -p -m PEM -f id_rsa
linux
linux 禁用密码登录
https://ispong.isxcode.com/os/linux/linux 禁用密码登录/
Author
ispong
Posted on
August 16, 2023
Licensed under