LINUX redhat nineth Unit documentation

1.openssh-server

function: Allow remote host to access sshd service over the network, start a secure shell

2. Client Connection Mode

SSH Remote Host user @ remote host IP

[ [email protected] ~]# ssh [email protected] x.x.x.x

The authenticity of host ' x.x.x.x ' can ' t be established.

ECDSA key fingerprint is eb:24:0e:07:96:26:b1:04:c2:37:0c:78:2d:bc:b0:08.

Is you sure want to continue connecting (yes/no)? Yes # # need to establish authentication relationship when connecting unfamiliar host

warning:permanently added ' 172.25.0.11 ' (ECDSA) to the list of known hosts.

[email protected] x.x.x.x ' s password: # # remote user password

Last Login:mon Oct Time

[email protected] ~]# # # Landing Success

SSH remote host user @ remote host ip-x # # invoke remote host graphics tool

SSH remote host user @ remote host IPcommand# # run a command directly on the remote host

650) this.width=650; "Src=" https://s2.51cto.com/wyfs02/M02/8F/F8/wKiom1juF1yhyrYaAATWLlftBnM023.png-wh_500x0-wm_ 3-wmp_4-s_395719252.png "title=" image 1.png "alt=" Wkiom1juf1yhyryaaatwllftbnm023.png-wh_50 "/>

650) this.width=650; "Src=" https://s2.51cto.com/wyfs02/M01/8F/F7/wKioL1juGHWhLP0RAATES9F1qjY651.png-wh_500x0-wm_ 3-wmp_4-s_673310784.png "title=" image 2.png "alt=" Wkiol1jughwhlp0raates9f1qjy651.png-wh_50 "/>

3.sshkey Encryption

1. generating the public key private key

[email protected] ~]# Ssh-keygen # # generate public Key private key tool

Generating public/private RSA key pair.

enter file in which to save the key (/ROOT/.SSH/ID_RSA): [Enter] # # Encrypted character save file (recommended default)

Created directory '/root/.ssh '.

Enter Passphrase (empty for no passphrase): [Enter] # # key password, must be >4 characters

Enter same passphrase again: [Enter] # # Confirm Password

Your identification has been saved In/root/.ssh/id_rsa.

Your public key has been saved in/root/.ssh/id_rsa.pub.

The key fingerprint is:

ab:3c:73:2e:c8:0b:75:c8:39:3a:46:a2:22:34:84:81 [email protected]

The key ' s Randomart image is:

+--[RSA 2048]----+

|o |

| E. |

|.. |

|. . o |

|. O. *. S |

|OO.O O. |

|+ =.  .        . |

|o. oo.+. |

| ..        o*. |

+-----------------+

650) this.width=650; "Src=" https://s1.51cto.com/wyfs02/M01/8F/F8/wKiom1juGJ7AEiHvAAUg5VGNnEk846.png-wh_500x0-wm_ 3-wmp_4-s_833514723.png "title=" image 3.png "alt=" Wkiom1jugj7aeihvaaug5vgnnek846.png-wh_50 "/>

[Email protected] ~]# ls/root/.ssh/

Id_rsa id_rsa.pub

Id_rsa # # # The private key is the key

id_rsa.pub # # Public key is the lock

650) this.width=650; "Src=" https://s3.51cto.com/wyfs02/M00/8F/F7/wKioL1juGLWwlmMSAATRP08Y7KE620.png-wh_500x0-wm_ 3-wmp_4-s_549239374.png "title=" image 4.png "alt=" Wkiol1juglwwlmmsaatrp08y7ke620.png-wh_50 "/>

2. add key authentication method

[ email protected] ~]# ssh-copy-id-i/root/.ssh/id_rsa.pub [email protected] x.x.x.x

Ssh-copy-id # # Tools to add key authentication Methods

- I. # # Specify the encryption key file

/root/.ssh/id_rsa.pub # # encryption key

Root # # Encrypted user is root

x.x.x.x # # Encrypted host IP

3. distribute the key to the client host

[ email protected] ~]# Scp/root/.ssh/id_rsa [email protected] x.x.x.x :/root/.ssh/

4. Testing

[ [email protected] ~]# ssh [email protected] x.x.x.x # # Direct connection via id_rsa No need to enter user password

Last Login:mon Oct 3 03:58:10 from x.x.x.x

[Email protected] ~]#

# # # #4. Ascension OpenSSH the security level ####

1.openssh-server configuration file

/etc/ssh/sshd_config

4 9 Permitrootlogin Yes|no # # allows super users to log in

7 9 passwordauthentication Yes|no # # whether to turn on user password authentication,Yes to support no for off

allowusers Student Westos # # user Whitelist, only users who appear in the list can use sshd to build the shell

denyusers Westos # # user blacklist

650) this.width=650; "Src=" https://s2.51cto.com/wyfs02/M00/8F/F8/wKiom1juGQLiWgLTAAUk_id-190126.png-wh_500x0-wm_ 3-wmp_4-s_322716184.png "title=" image 5.png "alt=" Wkiom1jugqliwgltaauk_id-190126.png-wh_50 "/>

650) this.width=650; "Src=" https://s4.51cto.com/wyfs02/M00/8F/F7/wKioL1juGSPReaNuABEIabcaiRY746.png-wh_500x0-wm_ 3-wmp_4-s_2262150314.png "title=" image 6.png "alt=" Wkiol1jugspreanuabeiabcairy746.png-wh_50 "/>

LINUX redhat nineth Unit documentation