Remote Management in a Linux network environment

Article title: remote management in a Linux network environment. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.

Considering the cost of security and informatization, more and more enterprises are deploying Linux network environments. The increasing number of servers built on Linux is a good example. However, since Linux was not as popular as Microsoft's operating system in the past, many network administrators may not be familiar with the Linux network environment. Today, I will talk about how to perform remote management in a Linux network environment. This is a little different from the network environment in Windwos.

　I. Use SSH protocol instead of Telnet protocol

In Microsoft's network environment, everyone may be accustomed to using Telnet to remotely manage Microsoft's server systems. However, this protocol has some defects. For example, the Telnet protocol is not encrypted during data transmission. Therefore, using Telnet to remotely log on to the system, accounts and passwords are easily stolen. However, the SSH protocol makes up for this defect. it adopts encryption in the process of data transmission. Therefore, in terms of data security, the SSH protocol is relatively secure. Therefore, in a Linux network environment, Linux network servers often do not enable the Telnet service, but use SSH instead of Telnet.

The login method is the same as the Telnet method, but the word is different. In Linux Terminal command line, we only need to enter the ssh keyword, followed by the server IP address. For example, ssh 192.168.0.6.

We can not only remotely manage the Linux server system on the Linux client, but also remotely log on to the Linux server using the SSH service on the Microsoft client, maintain and manage servers. However, because of Microsoft's operating system, the current built-in Telnet protocol is not installed with the SSH service. Therefore, to use the SSH service to remotely manage Linux servers, a third-party management tool is required. I am using PUTTY. This tool is open-source and can be downloaded from the Internet at will. Its capacity is not large, only about K.

This tool supports not only the SSH protocol, but also other remote connection services such as Telnet. In addition, it can save some original connections, which is very useful for maintaining Linux clients and servers. We can save all the SSH connection methods of Linux servers. when necessary, we do not need to enter IP addresses repeatedly, but only need to select.

By default, the Root account is the administrator account of the Linux system. However, for the sake of security, we usually do not need this account to manage servers. For example, if we deploy an Oracle database system on a Linux server, we usually create another Oracle administrator account. In the future, the maintenance and management of Oracle databases are basically managed through the Oracle account. Therefore, sometimes, when remotely logging on to the server, we want the root account to be unable to remotely log on to the server. By default, Linux servers allow remote management as root. If we want to disable ssh login for this account, we need to modify the relevant configuration file. For example, when we open the/etc/ssh/sshd_config file, we can see the following content.

We only need to change the # PermitRootLogin yes content to PermitRootLogin no. In this case, the Linux server will reject the next time the root account is used for remote connection. This is out of security considerations. If an enterprise deploys only one application server on a Linux server, such restrictions are completely necessary. However, if you deploy an Oracle database system on a server, there are also mailbox servers and other application services, for ease of management, there is no need to disable remote logon from the ROOT account.

[1] [2] Next page