Linux sshd服务

最新推荐文章于 2022-11-22 22:09:26 发布

桐、winner

最新推荐文章于 2022-11-22 22:09:26 发布

阅读量744

点赞数 1

文章标签： linux 服务器运维

本文链接：https://blog.csdn.net/zhangt123321/article/details/121456604

版权

安装软件: openssh-server-7.4p1-21.el7.x86_64.rpm

openssh-clients-7.4p1-21.el7.x86_64.rpm

配置文件: /etc/ssh/sshd_config

启动服务: systemctl restart sshd

端口: 22

[root@localhost ~]# ssh 192.168.206.100
The authenticity of host '192.168.206.100 (192.168.206.100)' can't be established.
ECDSA key fingerprint is SHA256:Ya1qcSqisCk0I+654AOnRm6wEuGZF3mZkDCeK9d9bLw.
ECDSA key fingerprint is MD5:7c:d6:a7:04:e7:3b:9a:b7:1b:6c:10:fa:5d:c8:38:05.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.206.100' (ECDSA) to the list of known hosts.
root@192.168.206.100's password:
Permission denied, please try again.
root@192.168.206.100's password:
Last failed login: Sun Nov 21 17:40:05 CST 2021 from 192.168.206.20 on ssh:notty
There was 1 failed login attempt since the last successful login.
Last login: Sun Nov 21 16:39:23 2021

/root/.ssh/known_hosts 记录登录主机信息文件

登录后远程拷贝

[root@localhost ~]# ssh 192.168.206.100

[root@client ~]# scp /root/distroy.sh 192.168.206.20:/tmp/

不登录远程拷贝

[root@localhost ~]# scp 192.168.206.100:/root/distroy.sh /tmp/

将本地目录拷贝到远程

[root@localhost ~]# scp -r /boot/ 192.168.206.100:/tmp/

修改配置文件:

[root@client ~]# vim /etc/ssh/sshd_config

Port 2222

登录指定端口号

[root@localhost ~]# ssh -p 2222 192.168.206.100

远程拷贝

[root@localhost ~]# scp -P 2222 /root/time.sh 192.168.206.100:/tmp/

密钥登录

1.服务安全

2.非交互模式执行

生成非对称密钥

[root@localhost ~]# ssh-keygen

Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:V4Kq7BgADZOXvyiQS3EdhsLrqu+eL89ob4uJ5Porc6s root@localhost.localdomain
The key's randomart image is:
+---[RSA 2048]----+
|+. .oo.          |
|.Boo..   .       |
|.o*.    . . .    |
|+o  .  .   o     |
|=. . .. S .      |
|oo....   .       |
|.o. o            |
|*.+X.            |
|E%&OB.           |
+----[SHA256]-----+



[root@localhost ~]# ls /root/.ssh/

id_rsa id_rsa.pub known_hosts



[root@localhost ~]# ssh-copy-id -i 192.168.206.100

远程服务器

[root@client ~]# ls /root/.ssh/

authorized_keys #(公钥,固定名字)



测试: 远程登录不需要输入密码 直接登录

[root@localhost ~]# ssh 192.168.206.100

Last login: Wed Aug 18 11:46:53 2021 from 192.168.206.20

root目录权限必须是550

互信登录: 让所有互信主机上都有公钥和私钥

[root@localhost ~]# ssh-keygen

Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Created directory '/root/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: SHA256:YFfREKz0Cqp6rRsTkdtbWmejhMTvXJB00wy0DSmuGwg root@localhost.localdomain The key's randomart image is: +---[RSA 2048]----+ | ..**== | | o ..oo*+ . | | o o.=ooo. | |E = +o+. . | | .o.oo=.S. | | ..+O =.. | | oooo+ | | ooo | |.ooo | +----[SHA256]-----+



[root@localhost ~]#

[root@localhost ~]# ls /root/.ssh/

id_rsa id_rsa.pub



[root@localhost ~]# ssh-copy-id -i 192.168.206.100

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.206.100 (192.168.206.100)' can't be established.
ECDSA key fingerprint is SHA256:Ya1qcSqisCk0I+654AOnRm6wEuGZF3mZkDCeK9d9bLw.
ECDSA key fingerprint is MD5:7c:d6:a7:04:e7:3b:9a:b7:1b:6c:10:fa:5d:c8:38:05.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.206.100's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh '192.168.206.100'"
and check to make sure that only the key(s) you wanted were added.




[root@localhost ~]# ls /root/.ssh/

authorized_keys id_rsa id_rsa.pub known_hosts



[root@localhost ~]# scp -r /root/.ssh/ 192.168.206.100:/root/

The authenticity of host '192.168.10.251 (192.168.10.251)' can't be established. ECDSA key fingerprint is SHA256:RVfLo8pNryhbZZPfYmWZRWlub39MD2xYJcgMyU4MB0Q. ECDSA key fingerprint is MD5:33:27:47:64:f9:f5:d6:13:70:18:12:24:28:1f:37:b5. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '192.168.10.251' (ECDSA) to the list of known hosts. root@192.168.10.251's password: id_rsa 100% 1679 1.2MB/s 00:00 id_rsa.pub 100% 408 317.3KB/s 00:00 known_hosts 100% 352 220.0KB/s 00:00 authorized_keys 100% 408 116.1KB/s 00:00

远程登录时缓慢:

方法1:

设置主机名,并且解析重启虚拟机

方法2:

关闭主机名解析

[root@localhost ~]# vim /etc/ssh/sshd_config

UseDNS no

[root@localhost ~]# systemctl restart sshd

桐、winner

关注

1
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
Linux sshd服务

安装软件: openssh-server-7.4p1-21.el7.x86_64.rpmopenssh-clients-7.4p1-21.el7.x86_64.rpm配置文件: /etc/ssh/sshd_config启动服务: systemctl restart sshd端口: 22[root@localhost ~]# ssh 192.168.206.100The authenticity of host '192.168.206.100 (192.168.206.100)'
复制链接

扫一扫