SSH (Secure Shell Protocol) service for Linux

Before data transfer, SSH will encrypt the data that needs to be transferred, ensure the security of the session security, the SSH client also contains a remote copy SCP.

1, the structure of SSH

SSH service is composed of server Software (OPENSSH) and client (SSH, SECURECRT, Xshell), SSH uses 22 port by default, SSH server is a daemon, listen to client's request in background, sshd is the process name of SSH server.

Add: (daemon)

A daemon is a process that runs in the background and is not controlled by any terminal. UNIX operating systems have many typical daemons (the number of which varies depending on need or 20-50), they run in the background and perform different administrative tasks. The user makes the Daemon independent of all terminals because the same terminal may be used by other users when the daemon is booted from a terminal. For example, the user exits after starting the daemon from one terminal, and then another person logs on to the terminal. The user does not want the latter to receive any error messages from the daemon during the use of the terminal. Similarly, any signal from the terminal key person (such as an interrupt signal) should not affect the operation of any daemons that were previously initiated at that terminal. While it is easy to make the server run in the background (as long as the shell command line ends in & ), the user should also do some work to get the program itself into the background automatically and not rely on any terminal. The daemon does not control the terminal, so when certain situations occur, whether it is general reporting information or urgent information that needs to be handled by the administrator, it needs to be output in some way. The Syslog function is the standard way to output this information, which sends the message to the SYSLOGD daemon. 

2. SSH Authentication type

(1) Password-based security authentication, which is commonly said account number, password, port, IP login

(2) Security verification based on key

Establish a pair of key pairs in advance, then put the public key on the server side, the private key in the SSH client, finally through the key authentication method to encrypt the transmission of data.

3. SCP

NAMESCP-Secure Copy (remotefilecopy program) #安全拷贝SYNOPSISSCP[ -1246BCPQRV] [-C Cipher] [-F Ssh_config] [-I identity_file] [-L limit] [-O ssh_option] [-P port] [-S Program] [[Email Protected]]host1:]file1 ... [[Email Protected]]host2:]file2descriptionSCPCopies files between hosts on a network. (SCP is a copy of files across the web via host) It usesSSH(1) fordata transfer, and uses the same authentication and provides the same security asSSH(1). Unlike RCP (1),SCPwould ask forpass-words or passphrasesifThey is needed forauthentication. File names contain a user and host specification to indicate thefilewas to was copied to/from that host. Localfilenames can made explicit using absolute or relative pathnames to avoidSCPTreatingfileNames containing ': ' As host speci-Fiers.     Copies between the also permitted, the remote hosts. When copying a sourcefileto a targetfile whichalready exists,SCPWould replace the contents of the targetfile(keeping the inode). If the targetfileDoes not yet exist, an emptyfileWith the targetfileName is created, ThenFilled with the sourcefilecontents. No attempt is made at"near-atomic"transfer using temporary files.

-P Port

-P Hold Property

-R Copy Directory

4. FTP function Service SFTP

Upload:

[Email protected] tmp]# sftp-oport= A[Email protected]192.168.181.129connecting to192.168.181.129... [Email protected]192.168.181.129's Password:Sftp> put/tmp/666/tmpStat/tmp/666: No Suchfileor Directorysftp> put/tmp/123txttmpuploading/tmp/123. txt to/tmp/123. txt/tmp/123. txt -%0     0.0kb/sxx:xx    

View Upload Success!

Download:

sftp> get/tmp/666 //tmp/666 to/tmp/666sftp> get/tmp/666 //tmp/666 to/opt/666

Check download to local success!

SSH (Secure Shell Protocol) service for Linux