Logging In to a Linux ECS Using a Created User and SSH Key Pair
Background
An SSH key pair is a secure and convenient login authentication method. It consists of a public key and a private key, supports only Linux ECSs, and meets your service requirements for higher security, convenience, and automation. You can use an SSH key pair to connect to a Linux ECS.
Prerequisites
- An ECS already has an EIP bound. For details, see Binding an EIP.
- The network connection between the login tool (for example, PuTTY) and the target ECS is normal.
PuTTY download link: https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html.
Procedure
- Connect to the Linux ECS using a proper login mode. For details, see Login Overview (Linux).
- Create a user.
- Run the command below to create a user. <username> indicates the username.
sudo useradd -m <username>
- Run the following command to check whether the user is created:
groups <username>
- Run the command below to create a user. <username> indicates the username.
- Set a key pair for the user.
- Prepare the key pair.
If you use your own key pair, you need to store the id_rsa.pub (public key) in the Linux ECS. is_rsa (private key) file will be used to log in to the Linux ECS.
If no key pair is available, run the command below and press Enter repeatedly to generate a 2,048-bit RSA key pair. The public key whose name ends with id_rsa.pub and private key whose name ends with is_rsa are generated in the current path.
ssh-keygen -t rsa -b 2048 -f "./id_rsa"
Figure 1 Generating a key pair
- Configure the public key in the authorized_keys file.
Copy the content of the public key file to the .ssh/authorized_keys file in the user root directory on ECS. You can use a file transfer tool, such as Xftp, to upload the file.
- Run the following command to create the .ssh folder in the user directory:
sudo mkdir /home/<username>/.ssh
- Create the authorized_keys file in the directory created in step 3.b.i and copy the content of the public key file generated or prepared in step 3.a to this file. You can use the vim editor to create and modify the file.
- Change the permissions on the .ssh directory and the authorized_keys file.
sudo chmod 700 /home/<username>/.ssh sudo chmod 600 /home/<username>/.ssh/authorized_keys
- Run vim commands to open the /etc/ssh/sshd_config file, enter the editing mode, and set PubkeyAuthentication and RSAAuthentication to yes.
PubkeyAuthentication yes RSAAuthentication yes
- Run the following command to restart sshd for the configuration to take effect:
sudo systemctl restart sshd
- Run the following command to create the .ssh folder in the user directory:
- Remotely log in to the ECS using a created user via PuTTY or Xshell. For details, see Logging In to a Linux ECS Using an SSH Key Pair.
- Prepare the key pair.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
