Transferred from: http://blog.csdn.net/zxs9999/article/details/6930736
Ubuntu installation using SSH
Ubuntu does not have the default SSH service installed, if you link ubuntu via SSH, you need to manually install Ssh-server. To determine if the SSH service is installed, you can do this by:
- XJJ@xjj-desktop:~$ ssh localhost
- Ssh:connect to host localhost port 22:connection refused
As shown above, it means that no installation has yet been installed and can be installed via apt, with the following commands:
- XJJ@xjj-desktop:~$ sudo apt-get install openssh-server
The system will be installed automatically, after the installation is complete, start the service first:
- XJJ@xjj-desktop:~$ sudo/etc/init.d/ssh start
After you start, you can see if the service starts correctly with the following command
- XJJ@xjj-desktop:~$ ps-e|grep ssh
- 6212? XX: +sshd
The above indicates the start OK. Note that the default SSH port is 22, you can change the port, stop before changing,
And then start is ready. The configuration is configured under/etc/ssh/sshd_config, as shown below.
- XJJ@xjj-desktop:~$ vi/etc/ssh/sshd_config
- # Package generated configuration file
- # See the sshd (8) manpage for details
- # What ports, IPs and protocols we listen for
Finally, it should be the time to connect. Take a look at the following command:
- XJJ@xjj-desktop:~$ ssh firstname.lastname@example.org. 158.129
install using SSH on Red Hat linux
First, install and start SSH
Most of the distributions on Red Hat Linux already contain openssh-related packages, and if not, you can install the RPM package on OpenSSH's home page, OpenSSH's homepage is the address: www.openssh.com. The following packages are mainly installed:
- Openssh-3.5p1-6, Openssh-server-3.5p1-6
Install using the following command:
First, query whether the system has installed the above package.
- # Pm-qa |grep OpenSSH
If not installed, execute the following command.
- # RPM-IVH openssh-3.5p1-6
- # RPM-IVH openssh-server-3.5p1-6
- # RPM-IVH openssh-askpass-gnome-3.5p1-6
- # RPM-IVH openssh-clients-3.5p1-6
- # RPM-IVH openssh-askpass-3.5p1-6
After the installation is complete, you can start with either of the two commands described below.
- # service sshd Start
- #/etc/rc.d/init.d/sshd Start
In addition, if you want to run the service automatically when the system starts, you need to use the Setup command, and in the options of the Systems service, select the sshd daemon.
After the installation starts OpenSSH, test it with the following command.
- # ssh-l [username] [Address of the remote host]
- [Username] is the user name of the remote host
- [Address of the remote host] is the location
If OpenSSH is working properly, you will see the following message:
The authenticity of host [hostname] can ' t be established.
Key fingerprint is 1024x768 5f:a0:0b:65:d3:82:df:ab:44:62:6d:98:9c:fe:e9:52.
Is you sure want to continue connecting (yes/no)?
At the first login, OpenSSH will prompt the user that it does not know the login host, as long as you type "yes", the login host's "Identification tag" will be added to the "~/.ssh/know_hosts" file. The second time you visit this host, this message will not be displayed again. Then, SSH prompts the user to enter the password for the user account on the remote host. In this way, SSH connections are established, which can then be used as easily as you would with Telnet.
second, SSH Key management
1. Generate the user's own key pair
Use the following command to generate a public/private key pair:
- # Ssh-keygen T Type
If the remote host is using SSH 2.x, this command should be used:
- # Ssh-keygen D
There is no problem with SSH1 and SSH2 keys on the same host, because the keys are in different files. The following message is displayed after the Ssh-keygen command is run:
- # ssh-keygen-t RSA
Generating public/private RSA key pair.
Enter file in which to save the key (/HOME/.USERNAME/SSH/ID_RSA):
Enter passphrase (empty for no passphrase):
Enter same Passphrase again:
Your identification has been saved In/home/.username/.ssh/id_rsa.
Your public key has been saved In/home/.username/.ssh/id_rsa.pub.
The key fingerprint is:
38:25:c1:4d:5d:d3:89:bb:46:67:bf:52:af:c3:17:0c [email protected]
Generating RSA keys:
Key generation complete.
The "ssh-keygen-d" command does the same job, but its pair of keys are saved by default:/HOME/[USER]/.SSH/ID_DSA (private key) and/home/[user]/.ssh/id_dsa.pub (public key). Now the user has a pair of keys: Public key to be distributed to all users want to SSH login to the remote host up; The private key must be well kept to prevent others from knowing. With
- # ls-l ~/.ssh/identity "or" # ls-l ~/.SSH/ID_DSA "
The file that is displayed by the command must have access to "-RW-------".
If the user suspects that their key has already been known, a new pair of keys should be generated immediately. Of course, this will require redistribution of the public key before it can be used properly.
2. Distributing public keys
On each remote server that the user needs to connect with SSH, create a subdirectory of ". SSH" in their home directory and copy the user's public key "Identity.pub" to this directory and rename it to "Authorized_keys". Then execute the command:
- # chmod 644. Ssh/authorized_keys
This step is essential. Because, if in addition to the user other than the "Authorized_keys" file also has Write permission, then if the illegal damage, SSH will not work properly.
If a user wants to log on to a remote host from a different computer, the Authorized_ keys file can have multiple public keys. In this case, you must regenerate the pair of keys on the new computer, and then copy and paste the generated "identify.pub" file into the "Authorized_keys" file of the remote host. Of course, the user must have an account on the new computer, and the key is password protected. It is important to remember to delete this pair of keys when the user cancels the account.
Third, configure the SSH client
The advantage of using SSH under Linux clients is that it is easier to operate without the need for additional software. But the disadvantage is not very intuitive. Users only need to use the system-provided default profile "/etc/ssh/ssh_config" and log in using the following simple commands:
Log on to the remote server with user test www.test.com
- # ssh-l Test www.test.com
The following main introduction configures the use of the Putty tool in the Windows environment to log on to the SSH server. The tool is currently used fairly widely and can be downloaded free of charge from the Internet. Currently the latest version of the Internet is: Putty 0.58, after the installation of this version, the following steps to configure:
- Open the software, enter the configuration interface, the software initially automatically open session window.
- In the right half of the interface, in the "Host Name (or IP address)" edit box, enter the server address you want to telnet to, this is set to: 192.168.10.1, enter the default port number 22 in the Ports edit box, and then click the "Save" button to save the input configuration, As shown in 1.
Figure 1 Configuring the IP address and port number
- Click the "Open" button, the software to connect to the server, display the results of the connection, the user can do the appropriate remote management operations.
Four, configure automatic login ssh;
in the use of SSH described above, users need to enter a password each time they log on to the server, which is a bit of a hassle for users. Due to SSH full use of the key mechanism, then can be configured through a certain system, and to achieve a configuration, after all do not have to enter the password, convenient for the purpose of login, following the Windows client as an example of how to configure automatic login ssh.
under Windows, using the client software described earlier putty also facilitate automatic login, mainly using the Putty Tool Suite's own Puttygen tool to generate a public/private key pair, the same principle as in Linux, The configuration details are described below.
1. Open the Puttygen tool, prepare to generate a public/private key pair, as shown in 2, and select the key type that generates SSH2 RSA.
Figure 2 Puttygengenerator main interface
2. Click the "Generate" button, then enter the public/private key generation interface, the user needs to move the mouse in the blank space, to ensure the random performance of key generation.
3. When the public/private key is successfully generated, the user is prompted to save the public/private key pair. Click on the "Save public Key" button and the "Save private Key" button to specify the path to save the key and the private key, respectively.
4. After using putty to connect to the server, copy the contents of the public key file to the appropriate home directory of the server, log in to the remote system with your own account, and then execute the following command. At this point, open the Id_rsa1.pub file with Notepad, select everything, press CTRL + C to copy to the Clipboard, then press Shift+ins paste in the Putty window, and then press Ctrl+d to finish creating the file. This is the process of completing the public key distribution.
- # CD ~
- # mkdir. SSH
- # CD. SSH
- # cat > Authorized_keys
5. When you use putty to connect to the server again, you can log on automatically without requiring the user to enter a password.
With the above installation, configuration and use, users can safely and securely use SSH software for data transmission under Linux. SSH software is very powerful, in addition to the content described in this article, there are set "secret channel", the use of SCP commands and other functions, interested readers can refer to the relevant information, in order to obtain a more secure and convenient use effect.
V. Access to Linux through WINSCP
- Download a winscp, install, run after download
- In fact, and Putty almost host name fill in the host Ip,user name fill in the username, password fill in the password, first click the Save button and then login button to enter
Six, SSH configuration
SSH configuration file directory:/etc/ssh/sshd_config
- Port in SSH preset ports, can be reused port to define multiple ports
- Protocol 2 SSH protocol version, can be 2 or 1
- ListenAddress 0.0.0.0 SSH listener address is all listening by default
- Permitrootlogin on is allowed to log in as root, the default is yes,
- Userlogin on SSH Accept login Login
Vii. Log in to the server with SFTP
The commands to log in to the server with SFTP are:
- # email@example.com. 34.33
- Oport Port number
- [email protected] User name @ip
Enter the server sshuser password login, and then display a sftp> environment, this time, type help you will see all the commands, and the FTP command line tool very similar, such as Get,put and so on.
Original Posts http://www.javaeye.com/topic/212750
Linux installation using SSH (Ubuntu&&redhat)