SSH service optimization and client command usage

in the previous section, we explainedVima set of use methods, today we start our first network serviceSSH. SSHThe English name isSecure SHell. By usingSSH, we can encrypt all the transmitted data so that the "man in the middle" attack is impossible, and it can preventDNSand theIPdeception. He's our local computer .SecureCRTtelnet to the server for the service that you want to open. If it is not turned on, it is not logged into our server. Our server operating system already has the service installed by default.There are children shoes curious to ask, before we have already talked about this service, how to repeat it here? We're just using it here. We're a little bit deeper. 650) this.width=650; "src=" Http://img.baidu.com/hi/ldw/w_0001.gif "alt=" w_0001.gif "/>

SSH Service Introduction

1.ssh secure encryption protocol for remote connection to the server

2. The default port is $, the security protocol version is SSH2

3. The service side mainly contains two service functions ssh remote connection,sftp service.

4.ssh Client contains SSH connection commands, and remote copy SCP orders and so on.

5. Structure:the SSH service is provided by the server-side software openssh and the client software (Securecrt,xshell ) composition.

Working principle:

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M00/7C/7E/wKiom1bRcyKzGeFeAABKMXA0IiE561.png "title=" Qq20160227161214.png "alt=" Wkiom1brcykzgefeaabkmxa0iie561.png "/>

From the diagram we can see that their connection is not very simple. It's easy to configure, so let's take a look at his configuration file:

1.ssh the configuration file directory for the service is: /etc/ssh and the /etc/ssl ( This is related to the key ) .

2. Server configuration file:/etc/ssh/sshd_config

3. Client configuration file:/etc/ssh/ssh_config

Actual use:

in the actual work, we will SSH services are optimized to be applied to the client SCP , SSH

Command , SSH bulk distribution and management of services. Well, let's start our first experiment.

A. ssh service optimization scheme

Here are the steps:

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/7C/7E/wKiom1bRc1DB9FGjAAD_tfVroog966.png "title=" QQ picture 20160227163845.png "alt=" Wkiom1brc1db9fgjaad_tfvroog966.png "/>

Add the following at the end

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M01/7C/7D/wKioL1bRc-iQ6gE7AAAvT8kDTgQ808.png "title=" QQ picture 20160227165222.png "alt=" Wkiol1brc-iq6ge7aaavt8kdtgq808.png "/>

gssapiauthentication No whether to allow use based on GSSAPI the user authentication

Usedns No whether to use DNS Service

Port What is the port number (note that the port number is changed to greater than the above)

Permitrootlogin No Disabled Root User Login.

Note: After changing the service profile to restart the service Oh! Above optimization, if it is small company recommended port number do not change, do not disable root. for what? Because the Small Business Server may be one or two, they will use the sftp upload file, we just make the root user password complex, Later I will tell you how to not optimize can also be very safe.

Note: Why should services be optimized? The answer is that service optimization is designed to make services more secure and stable faster.

two. How to use SSH client commands:

1. Purpose: On LAN we sometimes want to go directly from one server to another server or upload a file from one server to another.

2 The operation is as follows

Remote connection and execution commands

650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/7C/7E/wKiom1bRc6DQQOWkAAFG9GyXgnE789.png "title=" QQ picture 20160227171807.png "alt=" Wkiom1brc6dqqowkaafg9gyxgne789.png "/>

Note that if you want to exit from another server, enter the command directly: Exit Enter

Copy the files on this computer to the remote server

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/7C/7E/wKiom1bRc8fQTHRBAABLkLU0IK8236.png "title=" QQ picture 20160227173636.png "alt=" Wkiom1brc8fqthrbaablklu0ik8236.png "/> now I want to pull the files on the remote server to my local server as follows

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/7C/7D/wKioL1bRdFjzrnilAAA7Np2kkaw873.png "title=" QQ picture 20160227173910.png "alt=" Wkiol1brdfjzrnilaaa7np2kkaw873.png "/>

Summary: SCP The purpose of the command is to transfer files from two servers back and forth. He's using a port, and the command structure is:

S Cp–p22–r–p @IP address: / directory /

S Cp–p22–r–p @IP address: /  /

notes: - P Specify Port - R is the representative to test the catalogue - P represents the Keep file directory property

Since the bulk management and distribution of SSH services involves other knowledge, it is not explained here. All right! We'll be here today 650) this.width=650; "src=" Http://img.baidu.com/hi/ldw/w_0014.gif "alt=" W_0014.gif "/>

This article from "Lele Run" blog, please be sure to keep this source http://10851431.blog.51cto.com/10841431/1745601

SSH service optimization and client command usage