(REHL5 RAS-based public key and private key encryption authentication SSH is used for server remote backup Experimental environment: two RHEL5 virtual machines
SSH server Serv1, IP address: 192.168.10.1
Client Serv2, IP address: 192.168.10.2
1. In RHEL5, the SSH service RPM package is installed by default. If not, install it.
2. Start the sshd service on Serv1
#service
sshd
restart
3. Use ssh to remotely connect to Serv1 on another server Serv2
When you log in to the server for the first time, you need to enter "yes", and then enter the password of the remote server. The login information is recorded in the known_H/OST file of .ssh in the user's home directory.
The above method is based on password authentication, this method does not require any configuration, this method is still very secure than Telnet, the other server is impersonating, but it is still possible to be attacked by "man in the middle".
4. Key-based authentication
Based on the key authentication requirements, relying on the key, it is preferred to create a pair of keys and keep the public key on the remote server.
Configure the Serv1 server to prevent password authentication and only allow key authentication. Since the encrypted data with the public key can only be decrypted with the private key, the server can recognize the legitimacy of the client connection through comparison.)