SSH公钥身份验证,无需更改系统文件
[英]Ssh public key authentication without changing system files
问题描述
I am changing different parameters like RSAAuthentication , PubkeyAuthentication and PasswordAuthentication ( sudo vim /etc/ssh/sshd_config ) to disable ssh password authentication to force ssh login via public key only. 
我正在更改不同的参数,例如RSAAuthentication , PubkeyAuthentication和PasswordAuthentication ( sudo vim /etc/ssh/sshd_config ),以禁用ssh密码身份验证,以仅通过公共密钥强制ssh登录。
The experiments are adversely affecting many users as they suddenly find "Connection refused" while trying to ssh to the server. 这些实验对许多用户产生不利影响,因为他们在尝试ssh到服务器时突然发现“连接被拒绝”。 I want to avoid these experiments. 我想避免这些实验。 Is there any work around to enable public key authentication without touching system files like /etc/ssh/ssd_config ? 是否有任何解决方法可以启用公共密钥身份验证而不接触/etc/ssh/ssd_config类的系统文件?
1 个解决方案
解决方案1
2 2015-02-06 14:27:23
Sure. 当然。 Set up an alternative configuration file, and run sshd on another port while you are experimenting: 设置备用配置文件,并在进行实验时在另一个端口上运行sshd:
cp sshd_config sshd_config_working
/usr/sbin/sshd -p 2222 -f sshd_config_working
Now you can connect with: 现在您可以连接:
ssh -p 2222 user@localhost
And you can make as many changes as you want until you it working as desired. 并且,您可以根据需要进行任意更改,直到它可以按需工作为止。 At that point, copy your _working config back to the main config file and restart sshd. 此时,将_working配置复制回主配置文件,然后重新启动sshd。
Alternatively, stop mucking about on a production server and set up a virtual machine or cotainer for testing, where you can modify the sshd configuration as much as you want without affecting anybody. 或者,停止在生产服务器上乱搞,并设置虚拟机或容器进行测试,您可以在其中随意修改sshd配置,而不会影响任何人。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.