I. Introduction to the SSH service
1. SSH is a secure, encrypted protocol for connecting to a server remotely.
2. The default port is 22 and the protocol version is SSH2, which supports both RSA and DSA keys; SSH1 supports only RSA.
3. The server mainly provides two services: SSH remote connection and SFTP.
4. The SSH client includes the ssh connection command and the scp remote copy command.
5. The SSH service consists of the server-side software (OpenSSH) and a client (ssh, PuTTY, etc.).
6. Keys come in pairs: a private key and a public key.
7. The server configuration file is /etc/ssh/sshd_config. The name with the d (sshd_config) belongs to the server; the name without the d (ssh_config) belongs to the client.
8. Authentication types of the SSH service: password-based authentication and key-based authentication.
9. To find out which service is using a given port number, run lsof -i :22 or netstat -lntup|grep 22.
10. SSH 1.x schematic diagram (figure)
Related blog: http://oldboy.blog.51cto.com/2561410/1300964
(solution for slow SSH connections)
http://phenixikki.blog.51cto.com/7552938/1546669
(experience with SSH tampering)
11. ssh -p22 [email protected] is the command used to connect to the remote machine; ssh [email protected] /sbin/ifconfig runs ifconfig on the remote machine directly and shows its IP addresses. If the connection fails, the problem is with either the port or the network. On the first connection, the client records the host key locally in ~/.ssh/known_hosts (the file can hold several entries).
II. Introduction to scp, the remote copy command included with the SSH client
scp (short for secure copy) is a remote file copy program.
Usage (push and pull), with the source first and the target second; note that scp takes the port with an uppercase -P:
scp -P22 1.txt [email protected]:/mnt/3.txt
[[email protected] ~]$ scp -P22 [email protected]192.168.3.111:/mnt/3.txt .
[email protected]192.168.3.111's password:
3.txt -% A 0.0kb/sxx:xx
[[email protected] ~]$ ll
total 8
-rwxrwxrwx. 1 oldgirl oldgirl AJulTen on: at 1.txt
-rwxrwxr-x. 1 oldgirl oldgirl AJulTen on: - 3.txt
Related blog Posts:
scp errors (two cases of Permission denied): http://www.360doc.com/content/13/0929/13/6496277_317840402.shtml
http://www.linuxidc.com/Linux/2015-11/125214.htm
III. The SFTP service included with the SSH service
1. sftp -oPort=22 [email protected]
Upload: put followed by the local path on the client; you can also specify the destination path, for example put /etc/hosts /tmp
Download: get followed by the path on the server; the file is downloaded to the current local directory.
2. SFTP usage on Windows
In the SecureCRT client, click the Connection SFTP tab option in the upper left corner of the window to open the SFTP page. There, use put "D:\1.txt" to upload a file or get "XX" to download one. Files fetched with get are saved to the directory configured under Options, Session Options, on the SFTP tab.
SecureCRT client usage tips: http://blog.csdn.net/jinshuaiwang/article/details/40424039
IV. Bulk distribution
Requirements: all servers use the same system user, oldboy. Data is distributed from the local machine A to machine B, and the distribution must not prompt for the system password. In addition to distribution, it must be possible to view CPU, load, memory, system version and other usage information in bulk.
1. The -t parameter in ssh-keygen -t dsa sets the type of key to create; in this case a DSA key is created. You can also run ssh-keygen -t rsa to create an RSA key.
RSA and DSA differences
RSA: a cryptographic algorithm whose name is made up of the initials of Ron Rivest, Adi Shamir and Leonard Adleman.
DSA: short for Digital Signature Algorithm.
OpenSSH has disabled DSA (ssh-dss) keys by default since version 7.0, so on current systems use ssh-keygen -t rsa.
Bulk distribution script:
#!/bin/sh
# Exactly one argument is expected.
if [ $# -ne 1 ]; then
    echo "usage: /bin/sh $0 arg1"
    exit 1
fi
# The command name is missing from the source text; ssh is assumed here
# from the lowercase -p22 and the argument order (host first, then $1).
for n in 8 9
do
    ssh -p22 [email protected]192.168.3.$n "$1"
done
2. Public key and private key (figure)
[[email protected] ~]$ ll ~/ -al
total $
drwx------. 5 oldboy oldboy 4096 JulTen +: Wu .
drwxrwxrwx. 9 777 oldgirl 4096 JulTen Ten: - ..
-rw-------. 1 oldboy oldboy 7 JulTen One: A .bash_history
-rw-r--r--. 1 oldboy oldboy - Feb + - .bash_logout
-rw-r--r--. 1 oldboy oldboy 176 Feb + - .bash_profile
-rw-r--r--. 1 oldboy oldboy 124 Feb + - .bashrc
drwxr-xr-x. 2 oldboy oldboy 4096 Nov One .. .gnome2
drwxr-xr-x. 4 oldboy oldboy 4096 June - Geneva: + .mozilla
drwx------. 2 oldboy oldboy 4096 JulTen +: Wu .ssh
[[email protected] ~]$ ls -l .ssh/
total 8
-rw-------. 1 oldboy oldboy 668 JulTen +: Wu id_dsa # private key
-rw-r--r--. 1 oldboy oldboy 601 JulTen +: Wu id_dsa.pub # public key
[[email protected] ~]$ ls -ld .ssh/
drwx------. 2 oldboy oldboy 4096 JulTen +: Wu .ssh/ # permission 700
3. Distributing the public key
ssh-copy-id -i .ssh/id_dsa.pub [email protected]
For a non-default port: ssh-copy-id -i .ssh/id_dsa.pub "-p4355 [email protected]"
4. Successful result
ssh [email protected] # logs in directly, no password needed
Summary:
1. Understand how the public key and private key work together.
2. What ssh-copy-id does is copy .ssh/id_dsa.pub to the .ssh directory on 192.168.3.110 (created in advance with permission 700) under the name authorized_keys (permission 600).
3. Password-free login works in one direction only.
4. It is per user; preferably do not use it across different users.
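The receiving side of the ssh-copy-id step in summary point 2, as an added example that is not from the original post: it appends the key instead of overwriting the file, which is how ssh-copy-id behaves, and then checks the 700/600 modes. The names install_pubkey, audit_ssh_perms and demo are hypothetical, the key is constructed, and stat -c assumes GNU coreutils.

```shell
#!/bin/sh
# Added example, not from the original post. Helper names are hypothetical.

# install_pubkey PUBKEY_FILE HOME_DIR
# Adds the key to HOME_DIR/.ssh/authorized_keys unless it is already present.
install_pubkey() {
    pub=$1; sshdir=$2/.ssh; auth=$sshdir/authorized_keys
    [ -s "$pub" ] || { echo "no public key at $pub" >&2; return 1; }
    # Guard against handing over the private half by mistake.
    if grep -q 'PRIVATE KEY' "$pub"; then
        echo "$pub looks like a private key" >&2; return 1
    fi
    key=$(head -n 1 "$pub")
    mkdir -p "$sshdir" && chmod 700 "$sshdir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1
    # -x whole line, -F fixed string: append only when the exact key is absent.
    grep -qxF -- "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
}

# audit_ssh_perms HOME_DIR
# Reports any path whose mode differs from the 700/600 the summary gives.
audit_ssh_perms() {
    rc=0
    for item in "$1/.ssh:700" "$1/.ssh/authorized_keys:600"; do
        path=${item%:*}; want=${item##*:}
        # stat -c %a is GNU coreutils (assumption: Linux host).
        have=$(stat -c %a "$path" 2>/dev/null) || { echo "missing: $path"; rc=1; continue; }
        [ "$have" = "$want" ] || { echo "$path is $have, expected $want"; rc=1; }
    done
    return $rc
}

# Constructed demo: throwaway home directory and a made-up public key.
demo() {
    demo_home=$(mktemp -d) || return 1
    echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABconstructed demo@example' > "$demo_home/id_rsa.pub"
    install_pubkey "$demo_home/id_rsa.pub" "$demo_home" || return 1
    install_pubkey "$demo_home/id_rsa.pub" "$demo_home" || return 1  # no duplicate
    audit_ssh_perms "$demo_home" || return 1
    wc -l < "$demo_home/.ssh/authorized_keys"
    rm -rf "$demo_home"
}
```

Running audit_ssh_perms against a real home directory on the target server is a quick check when key login still asks for a password after ssh-copy-id.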
Learning Records 014-SSH Batch Distribution