Linux命令：ssh,scp使用及免密码登录

一、ssh使用:

            ssh  USERNAME@HOST

            ssh  -l  USERNAME HOST

            ssh  USERNAME@HOST 'COMMAND'  单引号

 [root@test ~]# ssh 110.119.131.204 #第一次连接需发送主机认证

Theauthenticity of host '110.119.131.204 (110.119.131.204)' can't be established.

RSAkey fingerprint is 91:a3:75:4b:3c:50:fd:5a:60:1a:39:ab:d5:0b:83:16.

Areyou sure you want to continue connecting (yes/no)? y

[root@fox.ssh]# cat known_hosts

110.119.131.195ssh-rsaAAAAB3NzaC1yc2EAAAABIwAAAQEA7WecSyXB82qLwTOmh/Mhh8ic80Oj/lhS2xTjVHLz5jy8aq6XxS8gOVErcJZU4qL/eG0aDEMiyUQ5OChq1IUu3U+dO0eHLgpCt6UMd/LAxYjB5rvXE6pCvESJpTRK/oJEhnnzjHXLxZG2tD8t2xy1Bvt8+6K+2TBX64z2uEav8Yy5DcH2zQzMP/4bkn7my0WPDlwRsFSDW2CE/0GWFqKL8PWt2r9DoUS4c5umwqPe4cqyvvLA960YmeNuMlnNBKp2XOBrTpLsigsIXO6lVqhEcWUU1bV7JRPmgQbZjCu5onw1Ez4929XkVroxX02E9IS6DBGN6U6tMIC8fMwUjjrbXQ==

二、scp使用:

            scpSRC DEST      -r递归        -a

            scpUSERNAME@HOST:/path/to/somefile /path/to/local

            scp/path/to/local USERNAME@HOST:/path/to/somewhere

[root@test ~]# scp 10.109.131.204:/etc/fstab ./
root@10.109.131.204's password:
Permission denied, please try again.
root@10.109.131.204's password:
fstab                                                                 100%  854     0.8KB/s   00:00    
[root@test ~]# ls
anaconda-ks.cfg  Desktop      install.log.syslog  minsysbak   rc.sysreboot
bincopy.sh       fstab        mbox                rc.reboot   test
cpbin.sh         install.log  minitest            rc.sysdone  testiso
[root@test ~]# ll fstab
-rw-r--r-- 1 root root 854 Dec  5 16:53 fstab
[root@test ~]# date
Mon Dec  5 16:53:28 CST 2016

ssh-keygen

     -trsa 

          ~/.ssh/id_rsa

           ~/.ssh/id_rsa.pub

     -f /path/to/KEY_FILE

      -P '': 指定加密私钥的密码

三、自动保存登录密码:

    多命令实现自动保存登录密码：

[root@test ~]# ssh -keygen -t rsa
Bad escape character 'ygen'.
[root@test ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
d8:f0:bb:be:4b:aa:c0:59:4d:55:de:77:13:36:d7:11 root@test
[root@test ~]# ls .ssh/
id_rsa  id_rsa.pub  known_hosts
[root@test ~]# scp .ssh/id_rsa.pub root@10.109.131.204:/root
root@10.109.131.204's password:
Permission denied, please try again.
root@10.109.131.204's password:
id_rsa.pub                                                            100%  391     0.4KB/s   00:00    
[root@test ~]# ssh 10.109.131.204
root@10.109.131.204's password:
Last login: Mon Dec  5 16:18:26 2016 from 10.109.131.209

[root@fox ~]# cat id_rsa.pub >> .ssh/authorized_keys
[root@fox ~]# exit
logout
Connection to 10.109.131.204 closed.
[root@test ~]# ssh 10.109.131.204  #无密码进入
Last login: Mon Dec  5 17:09:57 2016 from 10.109.131.209

    单命令实现自动保存登录密码：

[root@fox ~]# ssh-keygen -t rsa -f .ssh/id_rsa -P ''
Generating public/private rsa key pair.

Your identification has been saved in .ssh/id_rsa.
Your public key has been saved in .ssh/id_rsa.pub.
The key fingerprint is:
f8:b2:7d:64:20:ec:5f:09:3f:3f:2b:96:df:33:60:d3 root@fox

[root@test ~]# ssh 10.109.131.204
Last login: Mon Dec  5 17:11:14 2016 from 10.109.131.209
[root@fox ~]# ssh-copy-id  -i  ~/.ssh/id_rsa.pub root@10.109.131.204
root@10.109.131.204's password:
Now try logging into the machine, with "ssh 'root@10.109.131.204'", and check in:
  .ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.

[root@fox ~]# netstat -tnl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State      
tcp        0      0 0.0.0.0:57583               0.0.0.0:*                   LISTEN      
tcp        0      0 0.0.0.0:111                 0.0.0.0:*                   LISTEN      
tcp        0      0 0.0.0.0:80                  0.0.0.0:*                   LISTEN      
tcp        0      0 0.0.0.0:21                  0.0.0.0:*                   LISTEN      
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      
tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN      
tcp        0      0 :::111                      :::*                        LISTEN      
tcp        0      0 :::22                       :::*                        LISTEN      
tcp        0      0 ::1:25                      :::*                        LISTEN      
tcp        0      0 :::45668                    :::*                        LISTEN

四、免密码登录主机和SFTP:

ssh-keygen

    -t {rsa|dsa}

    -f  路径

    -N 'password'

[hadoop@jacktest ~]$ ssh-keygen -t rsa -f .ssh/id_rsa -N ''
Generating public/private rsa key pair.
Your identification has been saved in .ssh/id_rsa.
Your public key has been saved in .ssh/id_rsa.pub.
The key fingerprint is:
21:d8:1d:dd:3d:f4:ae:7f:01:a3:ad:d7:ca:97:ea:8d hadoop@jacktest
[hadoop@jacktest ~]$ ssh-copy-id -i .ssh/id_rsa.pub root@110.19.13.209

15           #复制且追加到对方家目录中的.ssh/authorized_keys
The authenticity of host '110.19.131.209 (110.19.13.209)' can't be established.
RSA key fingerprint is c2:f2:75:5c:ab:4a:43:d3:e1:76:bc:d2:0f:c7:d6:32.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '110.19.13.209' (RSA) to the list of known hosts.
root@10.109.131.209's password:
Now try logging into the machine, with "ssh 'root@110.19.13.209'", and check in:

  .ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

[hadoop@jacktest ~]$ ssh -l root 110.19.13.209    #单向免密码登录
Last login: Mon Dec 12 10:34:24 2016 from 110.19.13.209
[hadoop@jacktest ~]$ sftp 110.19.13.208   #免密码登录sftp,文件加密传输
Connecting to 110.19.13.208...
sftp> ls
Desktop    anaconda-ks.cfg    bincopy.sh   

---end---

转载于:https://blog.51cto.com/wangfx/1880825