--The side of the personal setting memo is strong. --`ssh Connection destination server name Appropriately set to enable ssh connection with public key authentication
cd ~/.ssh
ssh-keygen -t rsa -b 4096 -C "comment"
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/USERNAME/.ssh/id_rsa):The name of the key file
By executing this command, the following files will be created. (Example: When the name of the key file is gcp_key)
--gcp_key (private key) --gcp_key.pub (Public key. By inserting this into the connection destination server, you can use ssh login using the private key)
--Caution: When you put the server in the connection destination server from the GUI of google cloud platform, it seems that you decide which user to put the public key in based on the value of " comment "
.
--Example: If the comment " test_user "
is set, the public key will be set for the user: test_user
of the connection destination server (GCP VM).
$ ls
config gcp_key gcp_key.pub known_hosts
vi ~/.ssh/config
~/.ssh/config
Host Name of the server to connect to
HostName IP address of the server to connect to
User Username of the server to connect to
IdentityFile ~/.ssh/gcp_key ← The Key created earlier (the private key)
--Log in as the user who wants to log in using public key authentication.
--Paste the contents of gcp_key.pub
created on the main PC into ~ / .ssh / authorized_keys
.
python
vi ~/.ssh/authorized_keys
~/.ssh/authorized_keys
#Appropriately easy-to-understand comments
ssh-rsa AAAAB3Nza ~ Omitted ~ C1y8oSKIN3w== utadroid
--Setting to turn off password authentication so that you can only log in with public key authentication
vi /etc/ssh/sshd_config
/etc/ssh/sshd_config
#PasswordAuthentication yes ← Because I wrote this at first
PasswordAuthentication no ← Change like this
To reflect the settings, restart the ssh daemon with the following command.
sudo systemctl start sshd.service
If you register the public key on the page of Compute Engine-> meta data-> ssh authentication key
,
All the VMs you create have a public key setting.