OpenSSH enables one-time automatic management of multiple servers

OpenSSH enables one-time automatic management of multiple servers-Linux Enterprise applications-Linux server application information. The following is a detailed description. The Linux System Administrator understands that the Secure Shell protocol is one of the most convenient and critical tools in the software toolkit. This article will introduce how open-source SSH, called OpenSSH, works and its significance to the Linux system environment.

SSH can automatically manage multiple servers at one time through the network management shell or Perl script. Of course, other network shell tools such as RSH appear longer than SSH. However, SSH adds powerful encryption and Data Compression functions to secure file transmission over the network. Most popular SSH even provides SFTP and SCP functions. Among the many SSH projects, the most popular one is the OpenSSH project developed and maintained by the OpenBSD community. OpenSSH can be used on almost all operating system platforms, including Microsoft Windows.

　　 Role of SSH

SSH protects full remote shell threads from hacker and malware intrusion through powerful encryption functions. The end-to-end protection capability can provide complete protection from the beginning to the end of the thread, although the trusted host authentication scheme and the pre-key exchange between systems help improve security, however, OpenSSH does not require certificates or pre-key exchanges to establish an encrypted remote thread.

In addition, SSH can use the SFTP function to enable FTP-like file transmission threads to encrypt, and allow users' passwords and user names to be transmitted encrypted rather than plaintext. SCP also provides secure and convenient transmission capabilities for more situations, such as single file transfer operations, it transfers files over the network using an encrypted file copy command.

　　 Use and configure a Linux Client

Installing OpenSSH on mainstream Linux systems is very simple. You only need a simple package management command. For example, to install OpenSSH In Debian GNU/Linux, you only need to log on as root and enter apt-get install ssh in command line mode. Similarly, in Fedora Core Linux, you only need to log on as root and enter yum install ssh. However, these two command lines are generally not required because OpenSSH is installed by default in Debian and Fedora Core. For any Linux system, if you want to check whether OpenSSH is installed, simply enter ssh. After you press enter, if the system has installed OpenSSH, the system returns the complete Use information about OpenSSH.

To use the OpenSSH client to access the system running the OpenSSH server through the command line, you only need to enter the ssh host. The host here refers to the host name of the target system. If the network does not have DNS resolution, or the host name is not listed in the/etc/hosts file, you need to directly enter the IP address of the host, such as ssh 192.168.0.1.

Configuration files within the OpenSSH system are generally located in the/etc/ssh directory. The main configuration file of the OpenSSH client is/etc/ssh/ssh_config. In most versions of OpenSSH, detailed annotations are provided in the configuration file. In some Linux systems with large circulation, such as Debian, you can use the command line man ssh_config to obtain more configuration information about the OpenSSH client.

A major security configuration item is ForwardX11. setting this option to "no" can prevent the OpenSSH client from automatically sending X Window System information to the network, otherwise, even if X Windows is not used on the SSH link, the information may still be sent. In this option, you can use the-X command line parameter to specify a specific SSH connection to send information about the X Window System. Other configurations in the etc/ssh/ssh_config file can help you implement or enhance network security policies to meet certain security requirements.

　　 Windows-based SSH client

There are quite a few SSH clients in Windows, some of which are commercial software, others are free software or shared software, and of course there are open source software such as OpenSSH. Although some of the software is part of the Unix simulator shell, it is still a command line client, but most of them have developed a graphical interface with the Windows system. Among these free software with graphic interfaces, WinSCP supports SCP and SFTP, and PuTTY supports SSH shell. After reading the usage of the OpenSSH client in Linux, you will find that the WinSCP and PuTTY with graphical interfaces are much easier to understand in terms of configuration and use. OpenSSH in Windows, also known as OpenSSH for Windows, supports port settings.