Linux SSH operation parsing and LinuxSSH operation Parsing
1. view the SSH status:
Service sshd status
Check whether ssh has been started and some status information
2. Start the SSH service:
Systemctl restart sshd. service
Ps: some basic services under fedora are controlled through the systemctl restart/stop xxx. service operation, such as apache server: httpd. service and Firewall service firewalld. service.
3. SSH configuration file path:
/Etc/ssh/sshd_config. Configure the port number and permissions of the ssh connection
4. Disable the Firewall
Systemctl disable firewalld. service
It is not appropriate to close the firewall. It is better to use the following command:
5. Add port 22 (or other custom ports) to the firewall settings and mark it as Accept.
Iptables-a input-p tcp -- dport 22-j ACCEPT
Check the ssh configuration file. The default port number is 22.
6. Firewall Configuration File Path:
/Etc/sysconfig/iptables
Some basic operations on the SSH component:
First, log on to the remote server:
Ssh user@192.168.1.28
User indicates the user Name of the remote server. Enter the password here.
Use scp for file operations:
User@192.168.1.28:/home/xxx
File Download: You can check the file upload path.
Use sftp to upload and download files:
Similar to ftp tools, sftp facilitates directory resource management.
Logon:
Format: sftp-oPort = <port> <user >@< host>
Connect to
Common commands for sftp connection success are as follows:
Help /? Print help information.
Pwd: view the current directory of the remote server;
Lpwd to view the current directory of the local system.
Cd <dir> change the current directory of the remote server to <dir>
LCD <dir> change the current directory of the local system to <dir>.
Ls displays the file name of the current directory on the remote server;
Ls-l displays the detailed list of files in the current directory on the remote server
Ls <pattern> displays the file name of the remote server that meets the specified mode <pattern>;
Ls-l <pattern> displays the detailed list of objects that match the specified mode on the remote server.
Lls displays the file name of the current directory on the local system;
Other lls parameters are similar to those of the ls command.
Get <file> download a specified file <file>;
Get <pattern> downloads the file that meets the specified mode <pattern>.
Put <file> upload a specified file <file>;
Get <pattern> uploads objects that conform to the specified mode <pattern>.
Whether the progress of file transfer is displayed during the progress switchover.
Mkdir <dir> create a directory on the remote server;
Lmkdir <dir> create a directory on the local system.
Exit/quit/bye to exit sftp.
! Start a local shell.
! <Commandline> run the local command line.
Other Commands include chgrp, chmod, chown, ln, lumask, rename, rm, rmdir, symlink, and version.
Keep in mind: In sftp mode, there will be an 'L' before local file operations'
Password-free login:
Ssh provides a key pair authentication mechanism to upload the public key file to the server and import the Public Key library file. In this way, the client can log on without entering a password.
1. Generate a key file:
[luncher@localhost test]$ ssh-keygen -t rsaGenerating public/private rsa key pair.Enter file in which to save the key (/home/luncher/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/luncher/.ssh/id_rsa.Your public key has been saved in /home/luncher/.ssh/id_rsa.pub.The key fingerprint is:9e:39:ec:d8:fa:46:02:6a:d1:36:b9:83:04:75:95:b9 luncher@localhost.localdomainThe key's randomart image is:+--[ RSA 2048]----+| .. ...o ||. . o || . . . . || o * E || . = + S || + o .o.o || . . o* || +.. || o++ |+-----------------+
Ii. Use the scp command to copy the public key to the server
[luncher@localhost test]$ scp /home/luncher/.ssh/id_rsa.pub luncher@192.168.1.17:/tmpid_rsa.pub 100% 411 0.4KB/s 00:00 [luncher@localhost test]$
3. Import the public key to the verification key file on the server
cat /tmp/id_rsa.pub /home/luncher/.ssh/authorized_keys
4. Use ssh-agent and ssh-add to manage keys
Ssh-agent is used to manage keys. ssh-add is used to add keys to the ssh-agent. SSH can communicate with the ssh-agent to obtain keys, so that you do not need to enter the password manually.
End ~