First, SSH introduction
SSH (full Secure Shell) is an encrypted network protocol. Data that uses the protocol will be encrypted, and if the intermediate data leaks in transit, it can also ensure that no one can read out useful information. To use SSH, the target machine should install the SSH server application because SSH is based on the customer-service model. When you want to securely connect to a host remotely, an intermediary network (such as the Internet) is not secure, and SSH is often used in this case.
Second, install SSH
Debian/ubuntu-based systems:
Installing Ssh-client
$ sudo apt-get install openssh-client
Installing Ssh-server
$ sudo apt-get Install openssh-server
Redhat/centos-based systems:
[email protected] ~]# Yum Install OpenSSH - Server OpenSSH - Clients
Once SSH is installed, we can enter SSH under the terminal to check if the installation is normal.
[[email protected] ~]# SSH
USAGE:SSH [ -1246AACFGKKMNNQSTTVVXXYY] [-B bind_address] [-c Cipher_spec]
[-D [Bind_address:]port] [-E Escape_char] [-F ConfigFile]
[-I. Identity_file] [-l [Bind_address:]port:host:hostport]
[-L login_name] [-M Mac_spec] [-O ctl_cmd] [-o option] [-P Port]
[-R [Bind_address:]port:host:hostport] [-S Ctl_path]
[-W Host:port] [-W Local_tun[:remote_tun]]
[[Email protected]]hostname [command]
Third, SSH command annotations
[[email protected] ~]# ssh 192.168.2.106 = = login directly to the remote server 192.168.2.106
[Email protected] ~]# ssh-l Jianghua 192.168.2.106 or
[[email protected] ~]# SSH [email protected] = = Specifies the user name to log on to the remote server.
[Email protected]st ~]$ shh 192.168.2.106-p 22 = = Specifies the port number to log on to the remote server.
[[email protected] ~]$ ssh -b 192.168. 2. 102 [email protected] 192.168 . 2.106 ==> because this machine has more than one network card, specifies that there are 2.102 IP logon process servers for this NIC.
[[email protected] ~]# ssh-v 192.168.2.106 = = "Displays the login remote server 192.168.2.106, connection information.
[[email protected] ~]# ssh-c 192.168.2.106 = = "When you log on to a remote server, the data is compressed when you transfer data locally and remotely.
[[email protected] ~]# ssh -F /home/jianghua / My_ssh_config 192.168 . 2 . 106 = = Specifies the ssh profile for a specific user to log on to the remote server.
[[Email protected] ~] #ssh-N-l2001:localhost:80 somemachine = = "The remote server 80 port and the local 2001 port for tunnel binding, the implementation of input in the browser http://localhost : 2001 can visit the website.
[[Email protected] ~] #ssh [email protected] Cat/path/to/reemotefile | Diff/path/to/localfile-==> compares the specified files and local files on the remote server.
[[email protected] ~] #ssh [email protected] Command = = "Execute commands on the remote server.
Four, two machine access does not require password settings
Suppose A is a client machine and B is a server, now let a machine ssh login to B machine without entering A password.
Practice:
1. Log In a machine
2. Execution: ssh-keygen-t [RSA|DSA] generates key file and private key file id_rsa,id_rsa.pub or id_dsa,id_dsa.pub
3. Copy the. pub file to the. SSH directory of the B machine. (Ssh-copy-id-i ~/.ssh/id_rsa.pub user@b)
4. Execution: Cat id_dsa.pub >> ~/.ssh/authorized_keys
5. Verify Login: SSH B
SSH Command Summary