如何为 EC2 配置ssh-rsa加密

0

【以下的问题经过翻译处理】 我想为t2.micro、OpenSSH_8.7p1配置ssh-rsa加密。步骤如下:

  1. 使用sudo vim /etc/ssh/sshd_config命令打开配置文件,结果如下:
Include /etc/ssh/sshd_config.d/*.conf
AuthorizedKeysFile .ssh/authorized_keys
Subsystem sftp  /usr/libexec/openssh/sftp-server
AuthorizedKeysCommand /opt/aws/bin/eic_run_authorized_keys %u %f
AuthorizedKeysCommandUser ec2-instance-connect
PasswordAuthentication no
PubkeyAuthentication yes
HostKeyAlgorithms +ssh-rsa
HostbasedAcceptedAlgorithms +ssh-rsa,ssh-ed25519
PubkeyAcceptedAlgorithms +ssh-rsa
HostbasedAcceptedKeyTypes ssh-rsa,ssh-dss,ecdsa-sha2-nistp256
  1. 使用sudo systemctl restart sshd命令重启SSH服务。

  2. 使用sudo sshd -T | grep "key"命令检查配置结果,结果如下:

pubkeyauthentication yes
gssapikeyexchange no
gssapistorecredentialsonrekey no
trustedusercakeys none
revokedkeys none
securitykeyprovider internal
authorizedkeyscommand /opt/aws/bin/eic_run_authorized_keys %u %f
authorizedkeyscommanduser ec2-instance-connect
hostkeyagent none
hostkeyalgorithms ecdsa-sha2-nistp256,ecdsa-sha2-nistp256-cert-v01@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,sk-ssh-ed25519@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01
profile picture
전문가
질문됨 10달 전73회 조회
1개 답변
0

【以下的回答经过翻译处理】 已解决: sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.backup echo "PubkeyAcceptedAlgorithms ssh-ed25519,ecdsa-sha2-nistp256,rsa-sha2-512" | sudo tee /etc/ssh/sshd_config

profile picture
전문가
답변함 10달 전

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인

관련 콘텐츠