telnet和ssh是用于远程访问服务器的两大协议,利用它们可以完成对远程计算机的控制,它们都基于TCP/IP协议,因此连接时都需要知道目标机器的网址或域名。
一、telnet
telnet是Telecommunications和Networks的联合缩写,它是一种在UNIX平台上最为人所熟知的网络协议,telnet默认使用23端口,它采用明文传送报文,没有使用任何验证策略及数据加密方法,因此它的安全性不好,存在很大的安全威胁。telnet连接服务器的主要过程为:
- a.客户端建立与远程服务器的TCP连接
- b.远程服务器通知客户端收到连接,等候输入
- c.客户端收到通知后开始收集客户输入,将输入的字符串转换成标准格式并传送到服务器
- d.远程服务器接收并执行命令,将结果回传到客户端,客户端收到结果后回显
1.1 监测服务器是否正常启动
telnet ip/域名 port
MacBook-Pro-5:~ jerry$ telnet localhost 8080
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
telnet: Unable to connect to remote host
检测Mac下的http服务是否正常启动,以上结果表示telnet无法通过该端口连接到localhost。通过brew install httpd安装httd工具及其依赖,安装后通过apachectl start或brew services start htppd启动http服务。
访问地址:http://localhost:8080/,页面返回It works!,本地http服务启动成功。重新检测http服务监听端口开启情况(使用ctrl + ]退出连接)
MacBook-Pro-5:~ jerry$ telnet localhost 8080
Trying ::1...
Connected to localhost.
Escape character is '^]'.
Mac下http服务默认的8080端口已开启,如需关闭http服务:apachectl stop
此外,也可以通过netstat查看http监听端口开启情况:
MacBook-Pro-5:~ jerry$ netstat -ant | grep LISTEN
tcp46 0 0 *.8080 *.* LISTEN
tcp6 0 0 *.60437 *.* LISTEN
tcp4 0 0 *.60437 *.* LISTEN
tcp4 0 0 127.0.0.1.4401 *.* LISTEN
tcp4 0 0 127.0.0.1.631 *.* LISTEN
tcp6 0 0 ::1.631 *.* LISTEN
tcp4 0 0 127.0.0.1.49158 *.* LISTEN
1.2 telnet与ping区别
- telnet用于连接远程服务器,也可监测目标服务器的TCP端口是否开放
- ping用于监测目标服务器或域名的连通性,ping可以通过域名解析出ip,可以评估网络质量
二、ssh
ssh取名字Secure Shell,它是通过互联网访问网络设备和服务器的主要协议,ssh的默认使用22端口。在服务端,ssh服务是一个守护进程(sshd),负责实施监听客户端请求。ssh知识一种是协议,既有商业实现,也有开源实现,目前被广泛使用的开源版本是openssh,它分为客户端(openssh-client)和服务端(openssh-server),如果只是想登陆其他服务器,则本地只需安装openssh-client即可。
检测本地ssh安装情况
MacBook-Pro-5:ssh jerry$ ps -ef | grep ssh
502 1237 1 0 四10上午 ?? 0:00.04 /usr/bin/ssh-agent -l
502 35328 34724 0 10:05下午 ttys000 0:00.00 grep ssh
ssh-agent表示openssh-client启动,如果本地安装并启动了openssh-sever,则会有sshd的进程。
- 2.1 ssh远程登陆
使用命令:ssh [-p port] user@host,如果本地用户名与远程用户名一致,则可缺省user,使用:ssh [-p port] host,登陆请求会默认发送至服务器的22端口,可以通过-p参数指定到其它端口号,以下是登陆服务器的提示:
ssh 11.22.33.44
The authenticity of host '11.22.33.44 (11.22.33.44)' can't be established.
RSA key fingerprint is SHA256:c1lP7BdXLgTEVsFiSuoux0fOylT2VUDocqBW1rZ88LM.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '11.22.33.44' (RSA) to the list of known hosts.
Connection closed by 11.22.33.44 port 22
提示没有连接到host服务器,知道host服务器的公钥指纹,问是否需要继续。如果公钥指纹比对后确认,则将host主机的公钥保存到用户本地/Users/jerry/.ssh/known_hosts文件中,下次再连接服务器,用户客户端就能识别该主机。
【公钥登录】
公钥登录可以省略以上登陆过程中每次输入密码部分。其原理为:将用户本地的公钥存储到服务器上,登录时,远程主机向用户发送随机字符串,用户用私钥加密后回传,远程服务器用用户存储的公钥解密,如果成功,则用户可信,允许登录。
配置过程为:
- a.ssh-keygen,客户端生成密钥
- b.ssh-copy-id user@host,将客户端公钥复制到主机
- c.ssh user@host,免密登录
MacBook-Pro-5:.ssh jerry$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/jerry/.ssh/id_rsa):
/Users/jerry/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /Users/jerry/.ssh/id_rsa.
Your public key has been saved in /Users/jerry/.ssh/id_rsa.pub.
The key fingerprint is:
xxxx
MacBook-Pro-5:.ssh jerry$ ssh-copy-id jerry@11.22.33.44
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/Users/jerry/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
jerry@11.22.33.44's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'jerry@11.22.33.44'"
and check to make sure that only the key(s) you wanted were added.
- 2.2 ssh远程操作
查看服务器80端口开启情况:
MacBook-Pro-5:.ssh jerry$ ssh jerry@11.22.33.44 'telnet localhost 80'
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
将本地文件夹打包到服务器:
MacBook-Pro-5:~ jerry$ cd Desktop/test1 && tar czv tt | ssh jerry@11.22.33.44 'tar xz'
a tt
a tt/test11.txt
将服务器文件夹打包到本地:
MacBook-Pro-5:test1 jerry$ ssh jerry@11.22.33.44 'tar cz tt' | tar xzv
x tt/
x tt/heihei
x tt/._test11.txt
293
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
