SSH远程管理
(1)远程服务器安装openssh-server
fatpuffer@ubuntu:~$ sudo apt-get install openssh-server
[sudo] password for fatpuffer:
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
ncurses-term openssh-client openssh-sftp-server ssh-import-id
Suggested packages:
keychain libpam-ssh monkeysphere ssh-askpass molly-guard rssh
The following NEW packages will be installed:
ncurses-term openssh-server openssh-sftp-server ssh-import-id
The following packages will be upgraded:
openssh-client
1 upgraded, 4 newly installed, 0 to remove and 417 not upgraded.
Need to get 637 kB/1,248 kB of archives.
After this operation, 5,316 kB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://us.archive.ubuntu.com/ubuntu bionic-updates/main amd64 ncurses-term all 6.1-1ubuntu1.18.04 [248 kB]
Get:2 http://us.archive.ubuntu.com/ubuntu bionic-updates/main amd64 openssh-sftp-server amd64 1:7.6p1-4ubuntu0.2 [45.5 kB]
Get:3 http://us.archive.ubuntu.com/ubuntu bionic-updates/main amd64 openssh-server amd64 1:7.6p1-4ubuntu0.2 [332 kB]
Get:4 http://us.archive.ubuntu.com/ubuntu bionic-updates/main amd64 ssh-import-id all 5.7-0ubuntu1.1 [10.9 kB]
Fetched 637 kB in 20s (32.0 kB/s)
Preconfiguring packages ...
(Reading database ... 137332 files and directories currently installed.)
Preparing to unpack .../openssh-client_1%3a7.6p1-4ubuntu0.2_amd64.deb ...
Unpacking openssh-client (1:7.6p1-4ubuntu0.2) over (1:7.6p1-4) ...
Selecting previously unselected package ncurses-term.
Preparing to unpack .../ncurses-term_6.1-1ubuntu1.18.04_all.deb ...
Unpacking ncurses-term (6.1-1ubuntu1.18.04) ...
Selecting previously unselected package openssh-sftp-server.
Preparing to unpack .../openssh-sftp-server_1%3a7.6p1-4ubuntu0.2_amd64.deb ...
Unpacking openssh-sftp-server (1:7.6p1-4ubuntu0.2) ...
Selecting previously unselected package openssh-server.
Preparing to unpack .../openssh-server_1%3a7.6p1-4ubuntu0.2_amd64.deb ...
Unpacking openssh-server (1:7.6p1-4ubuntu0.2) ...
Selecting previously unselected package ssh-import-id.
Preparing to unpack .../ssh-import-id_5.7-0ubuntu1.1_all.deb ...
Unpacking ssh-import-id (5.7-0ubuntu1.1) ...
Setting up ncurses-term (6.1-1ubuntu1.18.04) ...
Processing triggers for ufw (0.35-5) ...
Processing triggers for ureadahead (0.100.0-20) ...
Processing triggers for systemd (237-3ubuntu10.3) ...
Processing triggers for man-db (2.8.3-2) ...
Setting up openssh-client (1:7.6p1-4ubuntu0.2) ...
Setting up ssh-import-id (5.7-0ubuntu1.1) ...
Setting up openssh-sftp-server (1:7.6p1-4ubuntu0.2) ...
Setting up openssh-server (1:7.6p1-4ubuntu0.2) ...
Creating config file /etc/ssh/sshd_config with new version
Creating SSH2 RSA key; this may take some time ...
2048 SHA256:gEnFYnwXbrxa54ib/PWg2cP4foLxA9dpGAp2rH0ve+Y root@ubuntu (RSA)
Creating SSH2 ECDSA key; this may take some time ...
256 SHA256:iHj2OYwLV2b0O9OxHkDUMYYPggXV0LG1gz3NzD8nklU root@ubuntu (ECDSA)
Creating SSH2 ED25519 key; this may take some time ...
256 SHA256:HFEiuN7I+9Fi7Wc4l/MFE2mpNRrNSwy7AliiyOIVjfY root@ubuntu (ED25519)
Created symlink /etc/systemd/system/sshd.service → /lib/systemd/system/ssh.service.
Created symlink /etc/systemd/system/multi-user.target.wants/ssh.service → /lib/systemd/system/ssh.service.
Processing triggers for ureadahead (0.100.0-20) ...
Processing triggers for systemd (237-3ubuntu10.3) ...
Processing triggers for ufw (0.35-5) ...
(2)本机登陆
python@ubuntu:~$ ssh fatpuffer@192.168.153.132 -p 22
fatpuffer@192.168.153.132's password:
Welcome to Ubuntu 18.04.1 LTS (GNU/Linux 4.15.0-29-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
* Canonical Livepatch is available for installation.
- Reduce system reboots and improve kernel security. Activate at:
https://ubuntu.com/livepatch
422 packages can be updated.
196 updates are security updates.
The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.
fatpuffer@ubuntu:~$
(3)如果登陆被拒绝,可能需要重新启动服务器ssh
sudo /etc/init.d/ssh start
SCP远程拷贝
上传
将本地桌面文件hello.py上传到服务器桌面
scp -P 22 /home/python/Desktop/hello.py fatpuffer@192.168.153.132:/home/fatpuffer/Desktop
下载
将远程服务器桌面文件hello.py下载到本地桌面
scp -P 22 fatpuffer@192.168.153.132:/home/fatpuffer/Desktop/hello.py /home/python/Desktop
- 如果传输内容是文件夹形式需要指定
-r
参数 - -P是大写,不是小写
scp -P -r 22 /home/python/Desktop/myproject fatpuffer@192.168.153.132:/home/fatpuffer/Desktop
SSH免密登陆
(1)使用ssh-keygen
命令生成密钥对
python@ubuntu:~$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/fatpuffer/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/fatpuffer/.ssh/id_rsa.
Your public key has been saved in /home/fatpuffer/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:zOMyfKqBzbEQwdJjOMVrd82UftL1oVdywsYx+5xhYw8 fatpuffer@ubuntu
The key's randomart image is:
+---[RSA 2048]----+
| *o . oo. |
|+ *. o . Boo|
| +.o = . . +E@ |
| o.. .o= o . =+=|
| ..... So . .+|
| = + . . |
| . = + o |
| . = |
| ... |
+----[SHA256]-----+
python@ubuntu:~$ cd .ssh/
python@ubuntu:~/.ssh$ ls
id_rsa id_rsa.pub known_hosts
(2)使用ssh-copy-id
命令,将公钥推送到服务器
python@ubuntu:~$ ssh-copy-id fatpuffer@192.168.153.132
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
fatpuffer@192.168.153.132's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'fatpuffer@192.168.153.132'"
and check to make sure that only the key(s) you wanted were added.
(3)接下来就可以直接登陆,不用输入密码
python@ubuntu:~$ ssh fatpuffer@192.168.153.132
Welcome to Ubuntu 18.04.1 LTS (GNU/Linux 4.15.0-29-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
* Canonical Livepatch is available for installation.
- Reduce system reboots and improve kernel security. Activate at:
https://ubuntu.com/livepatch
422 packages can be updated.
196 updates are security updates.
Last login: Tue Feb 26 20:43:41 2019 from 192.168.153.131
fatpuffer@ubuntu:~$ ls
- 我们发现虽然不用输入密码了,但是还是要记住服务器ip地址才能登陆,依然很麻烦,那有没有更好的解决办法呢,答案当然是有,接下来我们看如何使得SSH登陆更加简单
SSH起别名
举个栗子
(1)在使用别名之前,登陆如下
python@ubuntu:~$ ssh fatpuffer@192.168.153.132
- 我们必须记住远程服务器ip地址才能登陆
(2)使用别名之后,登陆如下
ssh fatpuffer
实践环节
(1)在本地/home/python/.ssh
目录下新建config
文件
python@ubuntu:~$ cd .ssh
python@ubuntu:~$ ls
id_rsa id_rsa.pub known_hosts
python@ubuntu:~/.ssh$ touch config
python@ubuntu:~$ ls
id_rsa id_rsa.pub known_hosts config
(2)编辑config文件,内容如下:
Host 别名
HostName 远程服务器ip
User 远程服务器用户名
Port 22
ex:
Host fatpuffer
HostName 192.168.153.132
User fatpuffer
Port 22
(3)接下来我们使用别名登陆远程服务器
python@ubuntu:~$ ssh fatpuffer
Welcome to Ubuntu 18.04.1 LTS (GNU/Linux 4.15.0-29-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
* Canonical Livepatch is available for installation.
- Reduce system reboots and improve kernel security. Activate at:
https://ubuntu.com/livepatch
422 packages can be updated.
196 updates are security updates.
Last login: Tue Feb 26 21:55:43 2019 from 192.168.153.131
fatpuffer@ubuntu:~$
在配置好免密登录后SCP远程拷贝命令也可以使用别名来进行文件传输了