[vps security] Increase vps security, use key to log in to vps based on CENTOS

We said before that just changing the login port of the VPS is safe enough (original text: http://www.138vps.com/vpsjc/73.html), we take back this sentence. Because a friend’s vps was hacked. It seems that if you meet a serious guy, just changing the port is not enough, so today we will share with you how to use the key to log in to the VPS to increase the security of the VPS.

1. First execute this code on the VPS to generate a secret key file. You will be asked where to put the secret key. The default is enough. You will also be asked to enter the password of the secret key. If it is [123456], just enter it:

ssh-keygen-trsa

2. Enter the directory of the secret key. If it is the default, it is /root/.ssh (since we have already entered this file in advance, but CD will enter it again.), execute the following command to generate a new public key file :

cd /root/.ssh
cat id_rsa.pub >> authorized_keys

3. Use winscp to log in to the vps, go to the folder, and download the private key file id-rsa locally. Then open the PuTTYGen software in the PUTTY software folder, execute Conversions -> Import Key, and import the private key file. You will be asked to enter your password, enter [123456]. Then click Save private key, and a PPK file will be generated locally. Save the file.

4. OK, let’s open PUTTY, first enter the server IP address and port, then find [auth] under ssh on the left, import the PPK file just generated, and click [OPEN]

5. We will be asked to enter the login name and password. The user name is root and the password is not the root password. It is [123456]. Okay, logged in

6. If we want to use Xshell to log in, it is similar. Then switch back to PUTTYGEN, select Export Open SSH Key in Conversions, and set a name to save it.

7. Open Xshell, follow the settings below, and then import the file just generated. Fill in [123456] wherever you need to fill in the password, and you can connect.

8. Now that we can use the secret key to log in to our VPS, we want to delete the password and log in to the VPS this way.

9. Edit the file /etc/ssh/sshd_config and add a line below: PasswordAuthentication no. You can edit it online or download it with winscp and edit it. We are download editors. If this line already exists, delete it, or change yse to no (PasswordAuthentication yes is not necessarily the last line of code).

10. Enter service sshd restart to restart the SSH service or restart the VPS directly.

​

11. Use the password to log in again. If you use the password to log in, an identity verification will pop up, asking you to import the secret key file. If you need the secret key file to log in, everything will be normal.

Recommended site searches: domain name expiration query, Korean server recommendation, Singapore server, foreign trade space, host discount code, search IP, free ASP space, Hong Kong server rental, server hosting price, buy server high defense,