ubuntu installation using SSH
The Ubuntu default does not have SSH service installed, and if you link Ubuntu via SSH, you will need to manually install Ssh-server. To determine whether to install the SSH service, you can do so by using the following command: xjj@xjj-desktop:~$ ssh localhost ssh:connect to host localhost Port 22:connection refused
As shown above, indicates that no installation has yet been made and can be installed via apt, commands as follows: xjj@xjj-desktop:~$ sudo apt-get install Openssh-server
The system will automatically install, after installation completes, starts the service first: xjj@xjj-desktop:~$ sudo/etc/init.d/ssh start
After startup, you can check to see if the service is starting correctly with the following command xjj@xjj-desktop:~$ ps-e|grep ssh 6212? 00:00:00 sshd
Start OK as indicated above. Note that the SSH default port is 22, you can change the port, stop after the change,
And then the start is OK. Change the configuration under/etc/ssh/sshd_config, as shown below. xjj@xjj-desktop:~$ Vi/etc/ssh/sshd_config # Package generated configuration file # the SSHD (8) manpage for< /c0> Details # What ports, IPs and protocols we listen for Port 22
Finally, it should be the time to connect. Please see the following command: xjj@xjj-desktop:~$ ssh email@example.com
install using SSH on Red Hat linux
First, install and start SSH
Most of the distributions on Red Hat Linux already contain openssh-related packages, and if not, you can download the OpenSSH's home page to install the RPM package, OpenSSH's homepage is the address: www.openssh.com. The main installation of the following packages: Openssh-3.5p1-6, openssh-server-3.5p1-6 openssh-askpass-gnome-3.5p1-6 openssh-clients-3.5p1-6 Openssh-askpass-3.5p1-6
Install using the following command:
First, check to see if the system has these packages installed. # Pm-qa |grep OpenSSH
If it is not installed, execute the following command. # RPM-IVH Openssh-3.5p1-6 # RPM-IVH openssh-server-3.5p1-6 # RPM-IVH openssh-askpass-gnome-3.5p1-6 # RPM-IVH Openssh-clients-3.5p1-6 # RPM-IVH Openssh-askpass-3.5p1-6
After the installation is complete, you can use either of the following two commands to start. # service sshd Start #/etc/rc.d/init.d/sshd start
Also, if you want to run the service automatically when the system starts, you will need to use the Setup command to select the sshd daemon in the system service option.
After Setup starts OpenSSH, test with the following command. # ssh-l [username] [Address of the remote host]
Description: [Username] is the remote host's username [address of the remote host] for the remote host
If the OpenSSH is working correctly, you will see the following message:
The authenticity of host [hostname] can ' t be established.
Key fingerprint is 1024 5f:a0:0b:65:d3:82:df:ab:44:62:6d:98:9c:fe:e9:52.
Are you sure your want to continue connecting (yes/no)?
The first time you log in, OpenSSH will prompt the user that it does not know the host of this login, as long as you type "yes", it will be the login host "identification Mark" added to the "~/.ssh/know_hosts" file. This message is no longer displayed when you visit this host for the second time. SSH then prompts the user to enter the password for the user account on the remote host. In this way, an SSH connection is established, which makes it easy to use SSH as you would with Telnet.
second, SSH Key management
1. Generate the user's own key pair
Use the following command to generate a public/private key pair: # Ssh-keygen T type
If the remote host is using SSH 2.x, this command will be used: # Ssh-keygen D
There is no problem with SSH1 and SSH2 keys on the same host because the keys are in different files. After the Ssh-keygen command is run, the following message appears: # ssh-keygen-t RSA
Generating public/private RSA key pair.
Enter file in which to save the key (/HOME/.USERNAME/SSH/ID_RSA):
Enter passphrase (empty for no passphrase):
Enter same Passphrase again:
Your identification has been saved in/home/.username.
Your public key has been saved In/home/.username/.ssh/id_rsa.pub.
The key fingerprint is:
Generating RSA keys:
Key generation complete.
The "ssh-keygen-d" command does the same job, but its save path for a pair of keys is by default:/HOME/[USER]/.SSH/ID_DSA (private key) and/home/[user]/.ssh/id_dsa.pub (public key). Now the user has a pair of keys: Public key to distribute to all users want to use SSH login remote host up; Private keys should be kept in good keeping to prevent others from knowing. With "# ls-l ~/.ssh/identity" or "# ls-l ~/.SSH/ID_DSA"
The file that is displayed by the command must have the "-RW-------" access permissions.
If the user suspects that their key is already known, a new pair of keys should be generated immediately. Of course, you will need to redistribute the public key again before you can use it properly.
2. Distributing public keys
On a remote server that each user needs to use SSH to connect to, create a subdirectory of ". SSH" under their home directory, copy the user's public key "Identity.pub" to this directory and rename it to "Authorized_keys". Then execute the command: # chmod 644. Ssh/authorized_keys
This step is essential. Because, if in addition to the user other than the "Authorized_keys" file also has Write permission, then if the illegal damage, SSH will not work properly.
If a user wants to log on to a remote host from a different computer, the Authorized_ keys file can also have multiple public keys. In this case, you must regenerate a pair of keys on the new computer, and then copy and paste the generated "identify.pub" file into the remote host's "Authorized_keys" file. Of course, the user must have an account on the new computer, and the key is password protected. It is important to remember to delete this pair of keys when the user cancels the account.
Iii. Configuring the Client for SSH
The advantage of using SSH under Linux clients is that it is easier to operate without any other software. But the disadvantage is not very intuitive. The user only needs to use the default profile "/etc/ssh/ssh_config" provided by the system and log on using the following simple command:
Log on to the remote server with user test www.test.com # ssh-l Test www.test.com
The following describes the configuration using the Putty tool in the Windows environment to log on to the SSH server. The tool is currently used fairly widely and can be downloaded free of charge from the Internet. The latest version of the current online is: Putty 0.58, after the installation of this version, the following steps to configure: Open the software, into the configuration interface, the software initially automatically open the session window. In the right half of the interface, enter the address of the server you want to log on remotely in the "Host Name (or IP addresses)" box, set to: 192.168.10.1, enter the default port number 22 in the Ports edit box, and then click the Save button to save the input configuration. As shown in Figure 1.
Figure 1 Configuring the IP address and port number click the "Open" button, the software connected to the server, display the results of the connection, users can do the appropriate remote management operations.
iv. Configuring automatic login for SSH
In the use of SSH described above, users need to enter a password every time the server is logged on, which is a bit of a problem for users. Because SSH fully uses the key mechanism, you can through a certain system configuration, and to achieve a configuration, after all do not have to enter a password for easy login purposes, the following Windows client, for example, explains how to configure SSH automatic login.
Under Windows, using the client software described earlier putty can also easily implement automatic login, mainly using the Putty tool Suite with the Puttygen tool, to generate a public/private key pair to achieve, the principle of the same as under Linux, the following describes configuration details.
1. Open the Puttygen tool and prepare to generate a public/private key pair, as shown in Figure 2, selecting the key type to generate SSH2 RSA.
Figure 2 Puttygengenerator Main interface
2. Click the "Generate" button to enter the public/private key generation interface, where the user needs to constantly move the mouse in the margin of the interface to ensure the random performance of the key generation.
3. When a public/private key is successfully generated, the user is prompted to save the public/private key pair. Click the Save Public Key button and the Save private key button to specify the path to save the key and the private key, respectively.
4. After using putty to connect to the server, copy the contents of the public key file to the server's corresponding home directory, log on to the remote system with your account, and then execute the following command. At this point, open the Id_rsa1.pub file with Notepad, select all the content, press CTRL + C to copy to the Clipboard, then press Shift+ins paste in the Putty window, and then press Ctrl+d to complete the creation of the file. This is the process of completing the public key distribution. # cd ~ # mkdir. SSH # CD. SSH # cat > Authorized_keys
5. Once you use the Putty Connection server again, you can log on automatically without requiring the user to enter a password.
Through the installation, configuration and use of the above, users can safely and securely use SSH software to carry out data transmission under Linux. SSH software is very powerful, in addition to the content described in this article, there are "secret channels", the use of SCP commands and other functions, interested readers can refer to the relevant information in order to obtain a more secure and convenient use of the effect.
v. Access to Linux via WinSCP
Download a winscp, download after installation, run in fact and Putty almost host name fill in the hostname ip,user name fill in the username, password fill in the password, save the button before the login button to enter the
vi. SSH Configuration
SSH profile directory:/etc/ssh/sshd_config port SSH preset ports, you can repeatedly use port to define multiple ports Protocol 2 SSH version of the contract, can be 2 or 1 listenaddress 0.0.0.0 SSH Listener address defaults to all listening permitrootlogin on whether to allow log on as root, by default Yes, Userlogin on whether to accept login on SSH
vii. Login server with SFTP
The command to log on to the server with SFTP is: # sftp-oport=22 firstname.lastname@example.org oport port number email@example.com username @ip
Enter the server sshuser password login, then display a sftp> environment, this time, type help you will see all the commands, and the FTP command-line tools very similar, such as Get,put and so on.