Use rsa certificate to login linux is more safty than username and password. So I tried to research how to use it today.

First, I generated my own rsa certificate.

ssh-keygen -t rsa -b 4096 -C "i@test.com"

Now I get two files, id_git and id_git.pub, the public key is in id_git.pub file. I moved the two files into ~/.ssh, of course you could put it in any path, only need to set the path in ~/.ssh/config.

# Set the name of host, you could set any name you like.
Host 192.168.0.100
# Set the name or ip address of the host.
HostName 192.168.0.100
# The user of linux server you want to login.
User git
# The port of ssh on linux server.
Port 22
# If you set this property, when you login the server, it only authentifed by public key, if you don't set this property, when the public key login failed, it would ask you to input the password.
PreferredAuthentications publickey
# This is the path of your private key, you could put it in anywhere you like.
IdentityFile ~/.ssh/id_git
IdentitiesOnly yes

I use the following command update the pubulic key to my linux server.

scp -r ~/.ssh/id_git.pub git@192.168.0.100:/home/git/

And then I logined my linux server, and added the public key to ~/.ssh/authorized_keys

cat /home/git/id_git.pub >> ~/.ssh/authorized_keys

But I still need to set the sshd_config params.

vim /etc/ssh/sshd_config

Set “PubkeyAuthentication yes” in sshd_config.

systemctl restart sshd

Now I would try to login my linux server without password I tried again and again, but it still doesn’t work, so I use the following command to check the details of error.

ssh -vvv -i ~/.ssh/id_git git@192.168.0.100

At last, I found the problem, I should modify the permission of the authorized_keys on linux server.

chmod -R 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys

When I tried to login my server again, finally it worked.