Common SSH Utility commands in Linux

Source: Internet
Author: User
Tags bz2 memory usage parent directory ssh port number ssh access ssh port


Common SSH Utility Commands

1. Statistics of current directory files
Find. -type F-print |wc-l
2. Packing and compressing
Compressed TAR-CJVF xxxx.tar.bz2 xxxx (folder)
Extract Tar Xvjf xxxx.tar.bz2
3. Folder
cd[Directory name] conversion path
Cd.. Return to Parent Directory
LS shows all files in current directory
-PWD Show Current Path
-mkdir xxxx New Folder
4. View folder size
Du-s xxxx by kb
Du-sh xxxx Press M
5. Delete Files
-rm [file] Delete files/folders
$RM-F [file] forcibly deleted, ignoring files that do not exist, without prompting
$RM-R [file] recursively deletes all content
Delete a folder $rm-RF
6. Moving files
CP-RPF. a/* b copies all files in folder A to its parent directory B


Summary of common usage of SSH

1, connect to the remote host:
Command format:
SSH Name@remoteserver or
SSH remoteserver-l Name
Description: Both of these methods can be remotely logged on to a remote host, server on behalf of the remote host, name is the user name to log on to the remote host.
2. Connect to the port specified by the remote host:
Command format:
SSH name@remoteserver-p 2222 or
SSH remoteserver-l name-p 2222
Note: The p parameter specifies the port number, which is usually done in the routing, when we do not map the 22 port directly, but instead convert it to another port number, we need to use the-P port number command format.
3, through the remote host 1 skip to the remote Host 2:
Command format:
Ssh-t remoteserver1 ssh Remoteserver2
Note: When a remote host Remoteserver2 cannot be reached directly, you can use the-t parameter and then jump to Remoteserver2 by Remoteserver1. In this process, you must enter the Remoteserver1 password, then enter the Remoteserver2 password, and then you can operate the remoteserver2.
4. Run remote shell command via SSH:
Command format:
Ssh-l name remoteserver ' command '
Description: Connect to the remote host and execute command commands for the remote host. For example, view the memory usage of a remote host.
$ ssh-l Root 192.168.1.100 svmon-g
5, modify the SSH listening port:
By default, SSH Listener connection Port 22 allows an attacker to see whether the host is running an SSH service using port scanning software, and modifying the SSH port to a port greater than 1024 is a wise choice because most port scanning software (including nmap) does not scan the high port by default. Open the/etc/ssh/sshd_config file and look for lines like the following:
Port 22
Remove the # number in front of the line, and then modify the port number and restart the SSH service:
$/etc/init.d/ssh Restart
6. Allow SSH protocol version 2 only:
With two SSH protocol versions, SSH protocol version 2 is more secure, SSH protocol version 1 has security issues, including man-in-the-middle attacks (man-in-the-middle) and injection (insertion) attacks. Edit the/etc/ssh/sshd_config file and look for lines like the following:
# Protocol 2,1
Amended to
Protocol 2
7, prohibit the root user login:
Under normal circumstances, do not use the root to log in directly to the remote host, because the root user has super privileges, this will bring security risks, so, generally we log on with ordinary users, when the need to manage the remote host, and then switch to root users. Open the/etc/ssh/sshd_config file and look for lines like the following:
#PermitRootLogin Yes
Remove the # number and then modify yes to No to reboot the SSH service so that the root user can be prevented from logging in.
8, set the login prompt information
First edit a file, such as Bannertest.txt, and the contents of the file are defined by itself. Then open the/etc/ssh/sshd_config file and look for the following lines:
#Banner/some/path
Remove the # number and replace the full path of the Bannertest.txt file with/some/path, then save and restart the SSH service. When the client logs on, you will see the prompts in the Bannertest.txt file.
9, the port mapping:
If the company intranet has a Web server, but only internal and external, so that the external network can not be accessed, using SSH port mapping to achieve external network access to the intranet Web server. If the Web server name is Webserver,webserver can SSH access to the remote host RemoteServer, log on to webserver, and then use the following command to map
Command format:
Ssh-r 3000:localhost:80 RemoteServer
Upon completion of execution, on the RemoteServer machine, execute Netstat-an | grep 3000 to see if 3000 ports are open. and execute the following command to see if you can open a Web page on webserver
$ w3m http://127.0.0.1:3000
If you can open the interface, the mapping is successful. However, this is limited to native access to the Web server, that is, only remoteserver machines can access webserver. Because the 3000 port is bound to the 127.0.0.1 port of the remoteserver machine. You can edit the/etc/ssh/sshd_config file on the RemoteServer machine and add the following:
Add the Gatewayports yes  content and bind the listener Port 3000 to the 0.0.0.0 address so that all external machines can access the listening port and then save the exit. Restart the SSH service. When finished, other machines can enter http://remoteserver:3000 in the browser to access webserver.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.