博客
关于我
强烈建议你试试无所不能的chatGPT,快点击我
OpenSSH杂记
阅读量:5833 次
发布时间:2019-06-18

本文共 9416 字,大约阅读时间需要 31 分钟。

OpenSSH

telnet

查看telnet的程序包

telnet是客户端telnet-server是服务端[root@zz ~]# yum list all telnet*Loaded plugins: fastestmirror, refresh-packagekit, securityLoading mirror speeds from cached hostfileAvailable Packagestelnet.x86_64                         1:0.17-48.el6                  CDtelnet-server.x86_64                  1:0.17-48.el6                  CD[root@zz ~]#

开启telnet服务端

有点奇葩[root@qq ~]# chkconfig telnet on[root@qq ~]# service xinetd restartStopping xinetd:                                           [FAILED]Starting xinetd:                                           [  OK  ][root@qq ~]# [root@qq ~]# ss -tnl | grep :23LISTEN     0      64                       :::23                      :::*     [root@qq ~]#

telnet连接服务端测试

[root@zz ~]# telnet 10.201.106.129Trying 10.201.106.129...Connected to 10.201.106.129.Escape character is '^]'.CentOS release 6.6 (Final)Kernel 2.6.32-504.el6.x86_64 on an x86_64login: qqPassword: Last login: Thu Jul 28 15:50:28 from 10.201.106.1[qq@qq ~]$ su -Password: [root@qq ~]# ifconfig[root@qq ~]# ss -tnState      Recv-Q Send-Q                                          Local Address:Port                                            Peer Address:Port ESTAB      0      0                                              10.201.106.129:23                                            10.201.106.128:39829 ESTAB      0      52                                             10.201.106.129:22                                              10.201.106.1:52513 ESTAB      0      0                                              10.201.106.129:23                                              10.201.106.1:55147

ssh登录测试

[root@qq ~]# ssh root@10.201.106.129root@10.201.106.129's password: Last login: Thu Jul 28 21:11:53 2016 from 10.201.106.129[root@qq ~]# exitlogoutConnection to 10.201.106.129 closed.[root@qq ~]# [root@qq ~]# ssh -l root 10.201.106.129root@10.201.106.129's password: Last login: Thu Jul 28 21:16:25 2016 from 10.201.106.129[root@qq ~]#

查看系统内核、系统

[root@qq ~]# uname -r2.6.32-504.el6.x86_64[root@qq ~]# uname -sLinux

远程登录执行完命令后退出

[root@zz ~]# ssh root@10.201.106.128 'hostname'root@10.201.106.128's password: qq[root@zz ~]# hostnamezz[root@zz ~]#

查看ssh客户端配置文件,并设置不做严格检查(第一次信任密钥)

[root@zz ~]# vim /etc/ssh/ssh_config Host *    GSSAPIAuthentication yes    StrictHostKeyChecking no

ssh密钥登录

1、生成密钥

[root@zz .ssh]# ssh-keygen -t rsa Generating public/private rsa key pair.Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa.Your public key has been saved in /root/.ssh/id_rsa.pub.The key fingerprint is:e5:7f:8a:b4:b6:24:c3:68:77:a8:59:24:e1:e9:8c:b7 root@zzThe key's randomart image is:+--[ RSA 2048]----+|                 ||                 ||      .   .      ||     . o o       ||      + S .      ||     + = . .     ||    . * B + . .  ||     o * *.o o   ||      E  .+..    |+-----------------+[root@zz .ssh]# id_rsa:私钥;id_rsa.pub:公钥[root@zz .ssh]# ls id_rsa  id_rsa.pub  known_hosts[root@zz .ssh]# 或者  -P:空密码;[root@zz .ssh]# ssh-keygen -t rsa -P '' -f '/root/.ssh/id_rsa'Generating public/private rsa key pair.Your identification has been saved in /root/.ssh/id_rsa.Your public key has been saved in /root/.ssh/id_rsa.pub.The key fingerprint is:87:bf:22:54:b9:1a:f1:3a:41:ed:7c:b7:59:9f:2b:81 root@zzThe key's randomart image is:+--[ RSA 2048]----+|                 ||                 ||       . .       ||      o +.       ||     . *S.. .    ||      + =o.E...  ||     . = ... +...||      = .  .o. ..||       o ..   ...|+-----------------+[root@zz .ssh]#

把公钥传输至远程服务器对应用户的家目录

[root@zz .ssh]# ssh-copy-id -i id_rsa.pub root@10.201.106.128root@10.201.106.128's password: Now try logging into the machine, with "ssh 'root@10.201.106.128'", and check in:  .ssh/authorized_keysto make sure we haven't added extra keys that you weren't expecting.[root@zz .ssh]# [root@qq ~]# cd .ssh/[root@qq .ssh]# lsauthorized_keys[root@qq .ssh]# cat authorized_keys ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAtq90JaSmELfUUbf/Ou9mawVRHZ2u4wUCjdu+7qyeMCeHu2QxRkS2pfvy806RA/BHzDvKdFfnsSBBa9phfucKOF7Z6SqCr7T9S+wTiqht1OStMYAOUPRWV911GSk4TJWJbL6x/Hq2q9dKcFjLVD3CMpu1AXM4K3VTr7MYwF9LNjhHVwFfvsNzIyVyEWFUkbfjOs/xlv1EWqiDwVQHrnWdgPdUu0E4JkU70A0yEPnMDvfNp4nPbeC6taXy+/RatHEOS45VlBhPEmhmDAzP5cE4Woi0QSAa6kDGA2UzUgkAtyFqcN0UapGzA1aTgl/+6eXDoP5fBU3QSUhdsN6ugzQMiw== root@zz[root@qq .ssh]# 登陆测试:无须密码直接就可以登录了;[root@zz .ssh]# ssh root@10.201.106.128Last login: Sat Jul 30 15:51:25 2016 from 10.201.106.1[root@qq ~]# 需要密码,远程执行命令;[root@zz .ssh]# ssh root@10.201.106.129 'ifconfig'root@10.201.106.129's password: [root@zz .ssh]# ssh root@10.201.106.128 'ifconfig'eth1      Link encap:Ethernet  HWaddr 00:0C:29:4E:AF:24            inet addr:10.201.106.128  Bcast:10.201.106.255  Mask:255.255.255.0          inet6 addr: fe80::20c:29ff:fe4e:af24/64 Scope:Link          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1          RX packets:36788 errors:0 dropped:0 overruns:0 frame:0          TX packets:28018 errors:0 dropped:0 overruns:0 carrier:0          collisions:0 txqueuelen:1000           RX bytes:24669470 (23.5 MiB)  TX bytes:12170441 (11.6 MiB)lo        Link encap:Local Loopback            inet addr:127.0.0.1  Mask:255.0.0.0          inet6 addr: ::1/128 Scope:Host          UP LOOPBACK RUNNING  MTU:65536  Metric:1          RX packets:1288 errors:0 dropped:0 overruns:0 frame:0          TX packets:1288 errors:0 dropped:0 overruns:0 carrier:0          collisions:0 txqueuelen:0           RX bytes:126326 (123.3 KiB)  TX bytes:126326 (123.3 KiB)[root@zz .ssh]#

使用xshell生成的密钥登录linux

xshell-工具-新建用户密钥生成向导生成密钥,将公钥复制到linux系统的用户目录/.ssh/authorized_key文件里面;登录测试:注意选择刚才生成的私钥登录[c:\~]$ ssh root@10.201.106.128Connecting to 10.201.106.128:22...Connection established.To escape to local shell, press 'Ctrl+Alt+]'.Last login: Sat Jul 30 15:52:30 2016 from 10.201.106.129

scp 跨主机复制文件

复制远程文件到主机

[root@zz ~]# scp root@10.201.106.129:/etc/fstab /tmp/fstab.txtThe authenticity of host '10.201.106.129 (10.201.106.129)' can't be established.RSA key fingerprint is 20:97:23:34:df:77:2a:91:ee:bf:ac:bd:fe:3d:35:38.Are you sure you want to continue connecting (yes/no)? yesWarning: Permanently added '10.201.106.129' (RSA) to the list of known hosts.root@10.201.106.129's password: fstab                                100% 1369     1.3KB/s   00:00    [root@zz ~]# cat /tmp/fstab.txt ## /etc/fstab# Created by anaconda on Thu Jul 28 00:37:31 2016## Accessible filesystems, by reference, are maintained under '/dev/disk'# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info#UUID=01c53735-f7c4-4294-a944-e69df17ab9cd /                       ext4    defaults        1 1

上传文件到远程目录

[root@zz ~]# scp /root/test.txt root@10.201.106.129:/tmp/root@10.201.106.129's password: test.txt                             100%   68     0.1KB/s   00:00    [root@zz ~]# [root@qq ~]# cat /tmp/test.txt 888888888888888888888888888888888999999999999999999999999999999999[root@qq ~]#

sftp,类似于ftp客户端

[root@zz ~]# sftp root@10.201.106.129Connecting to 10.201.106.129...root@10.201.106.129's password: sftp> sftp> sftp> lsanaconda-ks.cfg        bin                    bind-9.10.4-P2         bind-9.10.4-P2.tar.gz  install.log            install.log.syslog     test                   sftp> cd /etcsftp> lsConsoleKit                         DIR_COLORS                         DIR_COLORS.256color                DIR_COLORS.lightbgcolor            NetworkManager                     Trolltech.conf                     X11                                abrt                               acpi                               adjtime

服务器端ssh:sshd

查看ssh服务器端是否有安装:

[root@zz ~]# rpm -q opensshopenssh-5.3p1-117.el6.x86_64

密钥

[root@qq ~]# ls /etc/ssh/moduli       ssh_host_dsa_key      ssh_host_key.pubssh_config   ssh_host_dsa_key.pub  ssh_host_rsa_keysshd_config  ssh_host_key          ssh_host_rsa_key.pub[root@qq ~]#

查看ssh登录日志

[root@qq ~]# tail /var/log/secure Jul 29 06:22:39 qq sshd[55357]: pam_unix(sshd:session): session closed for user rootJul 29 06:24:30 qq sshd[55376]: Accepted password for root from 10.201.106.128 port 41228 ssh2Jul 29 06:24:31 qq sshd[55376]: pam_unix(sshd:session): session opened for user root by (uid=0)Jul 29 06:24:31 qq sshd[55376]: subsystem request for sftpJul 29 06:27:35 qq sshd[55376]: Received disconnect from 10.201.106.128: 11: disconnected by userJul 29 06:27:35 qq sshd[55376]: pam_unix(sshd:session): session closed for user rootJul 29 06:44:52 qq sshd[55439]: Accepted password for root from 10.201.106.1 port 52071 ssh2Jul 29 06:44:52 qq sshd[55439]: pam_unix(sshd:session): session opened for user root by (uid=0)Jul 29 06:46:50 qq sshd[55470]: Accepted password for root from 10.201.106.1 port 52104 ssh2Jul 29 06:46:50 qq sshd[55470]: pam_unix(sshd:session): session opened for user root by (uid=0)[root@qq ~]# ll /var/log//secure -rw-------. 1 root root 14122 Jul 29 06:46 /var/log//secure[root@qq ~]#

在图形界面超级终端开启远程服务器的图形界面程序

1、登录服务器的服务器界面,开启超级终端;2、带-X选项登录远程服务器:ssh -X root@10.201.106.1293、在远程服务器执行 xcl命令,打开时钟;

ssh更改端口后登录

[root@qq ~]# vim /etc/ssh/sshd_config Port 22222[root@qq ~]# service sshd restartStopping sshd:                                             [  OK  ]Starting sshd:  登录测试[root@zz ~]# ssh 10.201.106.129 -p 22222root@10.201.106.129's password: Last login: Fri Jul 29 06:46:50 2016 from 10.201.106.1[root@qq ~]#

转载于:https://blog.51cto.com/zhongle21/2091436

你可能感兴趣的文章
dedecms的arclist循环中判断第一个li添加css,否则不加
查看>>
若干经典基础算法题目练习
查看>>
CentOS下安装实时检測网络带宽的小工具bmon
查看>>
Oracle 的PL/SQL语言使用
查看>>
水晶头
查看>>
自定义数组方法
查看>>
基础(优化):Unity3D移动游戏的优化
查看>>
02_Hive安装简介
查看>>
SQLite可视化管理工具汇总
查看>>
这两行代码 你想 表达什么,fuck,
查看>>
关于delphi XE7中的动态数组和并行编程(第一部分)
查看>>
html5 video.js 使用及兼容所有浏览器
查看>>
CSS 相对定位 绝对定位
查看>>
随机函数真的概率平均么
查看>>
javaweb各种框架组合案例(一):maven+spring+springMVC+jdbcTemplate
查看>>
主流RAII class的存在价值——..
查看>>
[USACO08OPEN]牛的车Cow Cars
查看>>
gj13 asyncio并发编程
查看>>
何时使用hadoop fs、hadoop dfs与hdfs dfs命令
查看>>
关于Slow HTTP Denial of Service Attack slowhttptest的几种慢攻击DOS原理
查看>>