One, the Linux system SSH service
1. What is SSH?
SSH is secure shell protocol shorthand, SSH is to the online packet through encryption before transmission, to ensure data security. SSH is a security protocol that is specifically provided for Telnet sessions and other network services.
Special reminder : SSH customer service also includes SCP secure copy command and SFTP file transfer service , also work through SSH protocol.
Second, SSH service other ancillary services
1) Check if the openssl/openssh service is installed
[Email protected] ~]# Rpm-qa OpenSSH
openssh-5.3p1-104.el6.i686
[Email protected] ~]# Rpm-qa OpenSSL
openssl-1.0.1e-30.el6.i686
2) If no installation can be installed using Yum
Yum-y Install OpenSSL OpenSSH
3) Check that port number 22nd is activated.
Lsof-i: 22
NETSTAT-TUNPL |grep sshd
2.SSH Service Certification
[Email protected] ~]# ssh-p22 [email protected]
[email protected] ' s password:
Last Login:sun April 14:02:02 from 10.0.0.130
[Email protected] ~]#
sshd configuration file/etc/ssh/sshd_config
~]# Cat ~/.ssh/known_hosts-----Key location, if you delete the key file, you will be prompted to enter yes again.
How SSH connects to other machines
[Email protected] ~]# ssh-p22 [email protected]
If the connection times is wrong:no route to host or confuse is the firewall turned off
Reasons for not connecting:
1) Server firewall open:/etc/init.d/iptables stop
2) SSH customer service side to the server line has a problem, use ping check
3) There is a problem with the SSH service, using Telnet detection
3.SSH client side with Remote copy command SCP
SCP---Secure remote copy command scp-secure copy (remote file copy program)
Scp-p22-r-p/etc/[Email protected]:/tmp/
Scp-p22-r-P [email protected]:/data/tmp/
[Email protected] ~]# scp-p22-r-p/etc/[email protected]:/tmp/
Summary of SCP Knowledge:
1.SCP is an encrypted copy, secure,
2. You can push the data of one machine to another, or you can pull the computer
3. Each copy is a full-volume full copy, so it is suitable for the first copy, and rsync is used if needed incrementally
Included with the 4.SSH servicesftp functionService
Connection:
[Email protected] tmp]# sftp-oport=22 [email protected]
Connecting to 10.0.0.139 ...
Upload:
Sftp>put/etc/hosts
Uploading/etc/hosts to/root/hosts
/etc/hosts 100% 158 0.2kb/s 00:00
Sftp>
Download:
Sftp>Get/etc/rc.local/tmp
Fetching/etc/rc.local to/tmp/rc.local
/etc/rc.local 100% 356 0.4kb/s 00:00
Sftp>
SFTP Summary:
Connection: sftp-oport=22 [email protected]
Uploaded: Put/etc/hosts/tmp
Download: get/etc/rc.local/tmp
This section highlights:
1.SSH for encrypted remote connection protocol related software has openssh OpenSSL
2. The default port is: 22
3. Protocol version 1.x 2.x,2.x more secure
4. Server SSH remote Connection service, SFTP service, sshd daemon boot to start from.
5.SSH client side includes SSH SCP sftp command
6.SSH Service Security optimization, modify the default port 22, prohibit root remote connection, prohibit dns,ssh just listen to the intranet IP
This article is from "Wake up your not alarm clock but dream" blog, please be sure to keep this source http://purify.blog.51cto.com/10572011/1787099
SSH service and SCP command related knowledge