Cydiachencc的博客

个人学习记录

【课程笔记】快速上手Linux玩转典型应用——慕课网(SSH)

SSH简介:

SSH的简单介绍
1、安全外壳协议;
2、建立在应用层上的软件;
3、跨平台;
4、安全;

1.1 在Centos安装SSH服务(默认安装的)

要启动服务,然后设置开机运行chkconfig sshd on

1.2客户端的SSH工具:

典型的CS交互模式,有多种SSH软件连接。
在安装sever时候已经把client安装过了。

1.3使用SSH命令链接服务——命令行

macOS下使用teminal进行连接SSH:
命令非常的简单:ssh [username]@[domain_name]

Last login: Mon Apr 16 19:27:21 on ttys001
zhangyunchendeMacBook-Pro:~ zhangyunchen$ ssh
usage: ssh [-46AaCfGgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]
           [-D [bind_address:]port] [-E log_file] [-e escape_char]
           [-F configfile] [-I pkcs11] [-i identity_file]
           [-J [user@]host[:port]] [-L address] [-l login_name] [-m mac_spec]
           [-O ctl_cmd] [-o option] [-p port] [-Q query_option] [-R address]
           [-S ctl_path] [-W host:port] [-w local_tun[:remote_tun]]
           [user@]hostname [command]
zhangyunchendeMacBook-Pro:~ zhangyunchen$ 
zhangyunchendeMacBook-Pro:~ zhangyunchen$ 
zhangyunchendeMacBook-Pro:~ zhangyunchen$ 
zhangyunchendeMacBook-Pro:~ zhangyunchen$ ssh root@192.168.0.114
The authenticity of host '192.168.0.114 (192.168.0.114)' can't be established.
ECDSA key fingerprint is SHA256:VoLf/WSoie6PfXjWGPGmkHnfTeiUDHMCizH+hj+il+Q.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.0.114' (ECDSA) to the list of known hosts.
root@192.168.0.114's password: 
Last login: Mon Apr 16 07:33:36 2018 from 192.168.0.155
[root@localhost ~]# 
[root@localhost ~]# 
[root@localhost ~]# 
[root@localhost ~]# exit
登出
Connection to 192.168.0.114 closed.
zhangyunchendeMacBook-Pro:~ zhangyunchen$ exit
logout
Saving session...
...copying shared history...
...saving history...truncating history files...
...completed.

1.4 SSH config讲解

使用config是可以用来批量管理多个SSH,典型的运维要学会的技能。一般的config存放在~/.ssh/config

config的配置语法

语法关键词:
HostName;
Port;
User;
IdentityFile;秘钥文件路径

这个SSH config我感觉非常的像JSON文件的格式: host “centos”

        Hostname 192.168.0.114
        User root
        Port 22
        IdentityFile ~/.ssh/id_rsa.pub
        IndentitiesOnly yes

具体操作:

Last login: Mon Apr 16 19:36:20 on ttys001
zhangyunchendeMacBook-Pro:~ zhangyunchen$ ssh root@192.168.0.105
^Z
[1]+  Stopped                 ssh root@192.168.0.105
zhangyunchendeMacBook-Pro:~ zhangyunchen$ ssh root@192.168.0.114
root@192.168.0.114's password: 
Last login: Mon Apr 16 07:37:39 2018 from 192.168.0.155
[root@localhost ~]# 
[root@localhost ~]# 
[root@localhost ~]# 
[root@localhost ~]# 
[root@localhost ~]# exit
登出
Connection to 192.168.0.114 closed.
zhangyunchendeMacBook-Pro:~ zhangyunchen$ cd ~/.ssh
zhangyunchendeMacBook-Pro:.ssh zhangyunchen$ ls
known_hosts
zhangyunchendeMacBook-Pro:.ssh zhangyunchen$ touch config 
zhangyunchendeMacBook-Pro:.ssh zhangyunchen$ ;s
-bash: syntax error near unexpected token `;'
zhangyunchendeMacBook-Pro:.ssh zhangyunchen$ ls
config known_hosts
zhangyunchendeMacBook-Pro:.ssh zhangyunchen$ vim config
zhangyunchendeMacBook-Pro:.ssh zhangyunchen$ ssh Centos
root@192.168.0.114's password: 
Last login: Mon Apr 16 07:45:40 2018 from 192.168.0.155
[root@localhost ~]# vim config

[1]+  已停止               vim config
[root@localhost ~]# vim ~/.ssh/config

[2]+  已停止               vim ~/.ssh/config
[root@localhost ~]# cd ~/.ssh
-bash: cd: /root/.ssh: 没有那个文件或目录
[root@localhost ~]# cd ~/.ssh/
-bash: cd: /root/.ssh/: 没有那个文件或目录
[root@localhost ~]# exit
登出
有停止的任务。
[root@localhost ~]# exit
登出
Vim: Caught deadly signal TERM
Vim: Finished.
Vim: Caught deadly signal TERM
Vim: Finished.
Connection to 192.168.0.114 closed.
zhangyunchendeMacBook-Pro:.ssh zhangyunchen$ vim config

[2]+  Stopped                 vim config
zhangyunchendeMacBook-Pro:.ssh zhangyunchen$ 
zhangyunchendeMacBook-Pro:.ssh zhangyunchen$ 
zhangyunchendeMacBook-Pro:.ssh zhangyunchen$ 
zhangyunchendeMacBook-Pro:.ssh zhangyunchen$ cat config\
> 

host "Centos"
HostName 192.168.0.114
User root
Port 22

zhangyunchendeMacBook-Pro:.ssh zhangyunchen$  exit
logout
There are stopped jobs.
zhangyunchendeMacBook-Pro:.ssh zhangyunchen$ exit
logout
Saving session...
...copying shared history...
...saving history...truncating history files...
...completed.


host "Centos"
        HostName 192.168.0.114
        User root
        Port 22

[进程已完成]~          

1.5 SSH的免密码登录——SSH KEY

  1. 我们往往使用非对称加密的方式生成公钥
  2. 私钥主要存放在本地~/.ssh目录
  3. 公共密钥对外开放,放置在服务器的~/.ssh/authorized_keys

Linux下,我们通过SSH里面自带的ssh-keygen -t rsa/dsa来生成ssh key;

Last login: Mon Apr 16 21:19:28 on ttys000
zhangyunchendeMacBook-Pro:~ zhangyunchen$ cd ~/.ssh
zhangyunchendeMacBook-Pro:.ssh zhangyunchen$ ssh-
ssh-add      ssh-agent    ssh-copy-id  ssh-keygen   ssh-keyscan  
zhangyunchendeMacBook-Pro:.ssh zhangyunchen$ ssh-
ssh-add      ssh-agent    ssh-copy-id  ssh-keygen   ssh-keyscan  
zhangyunchendeMacBook-Pro:.ssh zhangyunchen$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/zhangyunchen/.ssh/id_rsa): cent_rsa
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in cent_rsa.
Your public key has been saved in cent_rsa.pub.
The key fingerprint is:
SHA256:T/9j0NxcnE7Lzysf5aaI+ek/WCJyAp4u68kFsneK1Gc zhangyunchen@zhangyunchendeMacBook-Pro.local
The key's randomart image is:
+---[RSA 2048]----+
|                 |
|                 |
|               ..|
|      .        oo|
|  . .. oS .  o+o+|
|   + .o ooo.o +=+|
|  o o.E  +...= o+|
| . +.B.    o.=+o+|
|  ..*o    oo=o*=.|
+----[SHA256]-----+
zhangyunchendeMacBook-Pro:.ssh zhangyunchen$ ls
cent_rsa    cent_rsa.pub    config      known_hosts
zhangyunchendeMacBook-Pro:.ssh zhangyunchen$ 
阅读更多
文章标签: Linux 运维 基础
个人分类: 个人技能
上一篇【课程笔记】快速上手Linux玩转典型应用——慕课网(Linux基本配置)
下一篇Apr 17th 数字图像处理连载(05)
想对作者说点什么? 我来说一句

linux快速上手

2017年11月04日 44.47MB 下载

没有更多推荐了,返回首页

关闭
关闭