ssh+nodejs+相关练习

ssh

ssh两种认证方式:

基于用户名密码的认证

基于密钥对的认证（免密码登录）

1)对称加密：des

有一个密码条

2)非对称加密：rsa

有2条密码本

公钥 用于加密 保障不是明文传输

私钥 用于解密 将加密的文件解析成明文

ssh商用收费对安全负责

Linux当前系统安装openssh

ssh端口：22  

[root@Linux aaa]# netstat -lntup | grep sshd
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      943/sshd            
tcp6       0      0 :::22                   :::*                    LISTEN      943/sshd            
 

安装ssh服务，必须安装以下三个

1.openssh

2.ssh-server

3.ssh-client

不关闭selinux会导致sshd的端口无法修改

禁⽌root账号远程登录：

在配置⽂件设置permitRootlogin no，不允许root账户远程登录可以设置其他账户远程登录。vim /etc/ssh/sshd_config

38⾏ PermitRootLogin no

由于root不能远程登录，我们创建了zhangsan,lisi两个账户，并且设置了密码

现在zhangsan,lisi两个程序员需要对服务器中的code⽬录进⾏编辑

将zhangsan. lisi都添加到附加组 code(使⽤groupadd code提前创建好附加组)

usermod -g code zhangsan

usermod -g code lisi

为code⽬录添加code组的权限

chgrp -R code /code/ #将code所属组修改为code组

chmod -R g+w /code/ 为code⽬录的组⽤户加上w权限

更改ssh默认端口：

1.修改 vim /etc/ssh/sshd_config 第17⾏的# 删除，22换成9999

vim /etc/ssh/sshd_config

17⾏ Port 9999

2.重启sshd服务，

setenforce 0 停⽤selinux

systemctl stop firewalls 停⽤防⽕墙

systemctl restart ssh

重启ssh服务

ssh连接服务器，如果服务端⼝是22，可以不⽤添加-p选项

如果不是22端⼝，就不许添加-p选项

restart与reload的本质区别：

① restart其实相当于stop然后在start

② reload不停⽌现有业务，只是重新加载sshd对应的配置⽂件

pwgen生成用户密码

在实际⽣产环境中，其⽤户密码⼀定不要⼿⼯设置，建议使⽤专业的密码⽣成⼯具如pwgen。

① 安装随机密码⽣成⼯具pwgen

② 使⽤pwgen⼯具⽣成随机密码

⽤法: pwgen 选项参数 ⻓度 ⽣成个数

Usage: pwgen [ OPTIONS ] [ pw_length ] [ num_pw ]

scp

scp 指定端⼝ - P ⼤写

ssh 指定端⼝ -p ⼩写

使⽤的默认的22端⼝，不需要指定

scp上传也要注意⽤户的权限问题，没有权限的⽬录⽆法上传

踢出用户

# 查看当前在线⽤户

w

# 踢出某个账号

pkill -kill -t pts/1

ssh免密登录

1.随便找个账户执⾏ ssh-keygen 按三次回撤，会在当前和⽤户的家⽬录下

～/.ssh/id_res 私钥

～/.ssh/id_rsa_pub 公钥

2.ssh-copy-id -p22 root@192.168.71.140 ⽤root'对root，⽤zhangsan对zhangsan免密

3.ssh -pxxx root@ip地址

nodejs服务

安装nodejs服务

nodejs是一个运行环境，和javajdk运行环境一样

nodejs是简易服务器的环境

事先安装epel镜像

[root@Linux ~]# ls /etc/yum.repos.d/

epel.repo  epel-testing.repo

1.使用yum安装nodejs环境

[root@Linux ~]# yum list | grep nodejs
[root@Linux ~]# yum -y install nodejs.x86_64

安装完成后，使用node  -v 查看版本
[root@Linux ~]# node -v      //查看版本
v16.20.2

2.安装包管理器  npm   node  package manager

[root@Linux ~]# yum -y install npm

[root@Linux ~]# npm -v
8.19.4

3.npm设置国内镜像

[root@Linux ~]# npm config set registry https://registry.npmmirror.com
4.使用npm(nodejs包管理器)安装软件

使用npm安装vue的脚手架软件

[root@Linux ~]# npm install @vue/cli -g

[root@Linux ~]# find / -name "vue"
/usr/local/bin/vue
/usr/local/lib/node_modules/@vue/cli/node_modules/vue

[root@Linux ~]# /usr/local/bin/vue -V
@vue/cli 5.0.8

5.使用vue脚手架创建一个项目aaa

/usr/local/bin/vue create aaa

6.跳到项目目录中，启动项目 npm  run serve

cd aaa
tree
npm run serve

7.构建静态的html项目   npm run bulid

[root@Linux aaa]# ls dist
css  favicon.ico  index.html  js

8.将构建的项目目录dist目录中的所有文件部署到nginx的html目录中

9.reload  nginx
 

练习：

1.新增账号 zhangsan lisi wangwu zhaoliu aaa bbb ccc ddd

2.设置和账号同名的如果长度不够8位就重复账号

[root@y ~]# useradd zhangsan

[root@y ~]# passwd zhangsan

更改用户 zhangsan 的密码 。

新的 密码：

无效的密码： 密码少于 8 个字符

重新输入新的 密码：

passwd：所有的身份验证令牌已经成功更新。

[root@y ~]#useradd lisi

[root@y ~]#passwd lisi

更改用户 lisi 的密码 。

新的 密码：

无效的密码： 密码少于 8 个字符

重新输入新的 密码：

passwd：所有的身份验证令牌已经成功更新。

[root@y ~]# useradd wangwu

[root@y ~]# passwd wangwu

更改用户 wangwu 的密码 。

新的 密码：

无效的密码： 密码少于 8 个字符

重新输入新的 密码：

passwd：所有的身份验证令牌已经成功更新。

[root@y ~]# useradd zhaoliu

[root@y ~]# passwd zhaoliu

更改用户 zhaoliu 的密码 。

新的 密码：

无效的密码： 密码少于 8 个字符

重新输入新的 密码：

passwd：所有的身份验证令牌已经成功更新。

[root@y ~]# useradd aaa

[root@y ~]# passwd aaa

更改用户 aaa 的密码 。

新的 密码：

无效的密码： 密码少于 8 个字符

重新输入新的 密码：

passwd：所有的身份验证令牌已经成功更新。

[root@y ~]# useradd bbb

[root@y ~]# passwd bbb

更改用户 bbb 的密码 。

新的 密码：

无效的密码： 密码少于 8 个字符

重新输入新的 密码：

passwd：所有的身份验证令牌已经成功更新。

[root@y ~]# useradd ccc

[root@y ~]# passwd ccc

更改用户 ccc 的密码 。

新的 密码：

无效的密码： 密码少于 8 个字符

重新输入新的 密码：

passwd：所有的身份验证令牌已经成功更新。

[root@y ~]# useradd ddd

[root@y ~]# passwd ddd

更改用户 ddd 的密码 。

新的 密码：

无效的密码： 密码少于 8 个字符

重新输入新的 密码：

passwd：所有的身份验证令牌已经成功更新。

3.设置这些账户都有对code目录w的权限   -g code

[root@y ~]# mkdir /code/

[root@y ~]# ls -l /

总用量 22

lrwxrwxrwx.   1 root root    7 7月  17 03:39 bin -> usr/bin

dr-xr-xr-x.   5 root root 4096 7月  17 03:43 boot

drwxr-xr-x.   2 root root    6 7月  17 14:56 code

[root@y ~]# groupadd code

[root@y ~]# usermod -g code zhangsan

[root@y ~]# usermod -g code lisi

[root@y ~]# usermod -g code wangwu

[root@y ~]# usermod -g code zhaoliu

[root@y ~]# usermod -g code aaa

[root@y ~]# usermod -g code bbb

[root@y ~]# usermod -g code ccc

[root@y ~]# usermod -g code ddd

[root@y ~]# chgrp -R code /code/

[root@y ~]# ls -l /

总用量 22

lrwxrwxrwx.   1 root root    7 7月  17 03:39 bin -> usr/bin

dr-xr-xr-x.   5 root root 4096 7月  17 03:43 boot

drwxr-xr-x.   2 root code    6 7月  17 14:56 code

[root@y ~]# chmod -R g+w /code/

4.为以上的用户设置免密登录

（1）在x上免密登录zhangsan

[root@localhost ~]# ssh-keygen

Generating public/private rsa key pair.

Enter file in which to save the key (/root/.ssh/id_rsa):

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /root/.ssh/id_rsa.

Your public key has been saved in /root/.ssh/id_rsa.pub.

The key fingerprint is:

SHA256:T4f3PsMciZSuWUAE2nTIMvwAXcxxoUWr88PytSOT7SI root@x

The key's randomart image is:

+---[RSA 2048]----+

|    .+ ==*B.     |

|      *+==..     |

|      .=o..  .   |

|        ....o    |

|        S o+o. . |

|         * o+.o  |

|        . =*.o.. |

|        EoBooo=  |

|         ..=o..o |

+----[SHA256]-----+

[root@localhost ~]# ls ./.ssh/

authorized_keys  id_rsa  id_rsa.pub  known_hosts

[root@localhost ~]# ssh-copy-id -p9999 zhangsan@192.168.2.8

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"

/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed

/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys

zhangsan@192.168.2.8's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh -p '9999' 'zhangsan@192.168.2.8'"

and check to make sure that only the key(s) you wanted were added.

[root@localhost ~]# ssh -p9999 zhangsan@192.168.2.8

Last login: Wed Jul 17 16:16:11 2024

[zhangsan@y ~]$

（2）在x上设置lisi免密登录

[root@localhost ~]# ssh-copy-id -p9999 lisi@192.168.2.8

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"

/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed

/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys

lisi@192.168.2.8's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh -p '9999' 'lisi@192.168.2.8'"

and check to make sure that only the key(s) you wanted were added.

[root@localhost ~]# ssh -p9999 lisi@192.168.2.8

Last login: Wed Jul 17 15:24:08 2024 from 192.168.2.1

[lisi@y ~]$

（3）在x上设置wangwu免密登录

[root@localhost ~]# ssh-copy-id -p9999 wangwu@192.168.2.8

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"

/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed

/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys

wangwu@192.168.2.8's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh -p '9999' 'wangwu@192.168.2.8'"

and check to make sure that only the key(s) you wanted were added.

[root@localhost ~]# ssh -p9999 wangwu@192.168.2.8

Last login: Wed Jul 17 16:37:43 2024 from y

[wangwu@y ~]$

（4）在x上设置zhaoliu免密登录

[root@localhost ~]# ssh-copy-id -p9999 zhaoliu@192.168.2.8

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"

/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed

/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys

zhaoliu@192.168.2.8's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh -p '9999' 'zhaoliu@192.168.2.8'"

and check to make sure that only the key(s) you wanted were added.

[root@localhost ~]# ssh -p9999 zhaoliu@192.168.2.8

Last login: Wed Jul 17 17:15:03 2024 from 192.168.2.1

（5）在x上设置aaa免密登录

[root@localhost ~]# ssh-copy-id -p9999 aaa@192.168.2.8

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"

/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed

/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys

aaa@192.168.2.8's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh -p '9999' 'aaa@192.168.2.8'"

and check to make sure that only the key(s) you wanted were added.

[root@localhost ~]# ssh -p9999 aaa@192.168.2.8

Last login: Wed Jul 17 17:23:03 2024 from 192.168.2.1

[aaa@y ~]$

（6）在x上设置bbb免密登录

[root@localhost ~]# ssh-copy-id -p9999 bbb@192.168.2.8

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"

/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed

/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys

bbb@192.168.2.8's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh -p '9999' 'bbb@192.168.2.8'"

and check to make sure that only the key(s) you wanted were added.

[root@localhost ~]# ssh -p9999 bbb@192.168.2.8

Last login: Wed Jul 17 17:25:55 2024 from 192.168.2.1

[bbb@y ~]$

（7）在x上设置ccc免密登录

[root@localhost ~]# ssh-copy-id -p9999 ccc@192.168.2.8

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"

/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed

/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys

ccc@192.168.2.8's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh -p '9999' 'ccc@192.168.2.8'"

and check to make sure that only the key(s) you wanted were added.

[root@localhost ~]# ssh -p9999 ccc@192.168.2.8

Last login: Wed Jul 17 17:32:39 2024 from 192.168.2.1

[ccc@y ~]$

（8）在x上设置ddd免密登录

[root@localhost ~]# ssh-copy-id -p9999 ddd@192.168.2.8

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"

/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed

/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys

ddd@192.168.2.8's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh -p '9999' 'ddd@192.168.2.8'"

and check to make sure that only the key(s) you wanted were added.

[root@localhost ~]# ssh -p9999 ddd@192.168.2.8

Last login: Wed Jul 17 17:34:02 2024 from 192.168.2.1

[ddd@y ~]$