生成公钥和私钥

root登录后运行如下命令

ssh-keygen -t rsa

 Generating public/private rsa key pair.
 Enter file in which to save the key (/root/.ssh/id_rsa):    ##直接回车默认路径
 Created directory '/root/.ssh'.
 Enter passphrase (empty for no passphrase):                 ##输入密码短语（留空则直接回车）
 Enter same passphrase again:                                ##重复密码短语
 Your identification has been saved in /root/.ssh/id_rsa.
 Your public key has been saved in /root/.ssh/id_rsa.pub.
 The key fingerprint is:
 04:e1:93:92:95:ba:55:21:58:05:7d:57:58:92:32:d3 root@vpn
 The key's randomart image is:
 +--[ RSA 2048]----+
 |     oB*o. ..=o  |
 |    .+.+o = E.   |
 |    o.+... =     |
 |    ...o         |
 |     o  S        |
 |    .            |
 |                 |
 |                 |
 |                 |
 +-----------------+

在/root/.ssh/目录下生成了2个文件，id_rsa为私钥，id_rsa.pub为公钥。私钥自己下载到本地电脑妥善保存，公钥则可任意公开

导入公钥

cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys

更改SSH配置文件

修改SSH的配置文件

vi /etc/ssh/sshd_config

 #RSAAuthentication yes
 #PubkeyAuthentication yes
 #AuthorizedKeysFile    .ssh/authorized_keys

将前面的#去掉后保存 Centos7无RSAAuthentication选项 忽略
重启SSH服务，运行命令：

service sshd restart

制作用于putty的私钥

将VPS上的/root/.ssh/id_rsa下载到本地，利用PUTTYGEN.EXE转换为putty用的ppk文件 (Save Private Key)

关闭SSH密码登陆

修改SSH的配置文件

vi /etc/ssh/sshd_config

 PasswordAuthentication no

重启SSH服务

service sshd restart

文章来源

https://teddysun.com/237.html