On Linux, OpenSSH is the most popular application for remote logon and file transfer, and it is the replacement for traditional network applications such as Telnet, FTP, and the r-series commands. Among its tools, ssh (Secure Shell) can replace telnet, rlogin and rsh, while scp (Secure Copy) and sftp (Secure FTP) can replace ftp.
OpenSSH uses keys to encrypt data and so protect it in transit. Before data transmission starts, both parties must first exchange keys. When one party receives data from the other, it uses the keys and the corresponding programs to decrypt the data. This encrypted transmission helps prevent unauthorized users from obtaining the data.
OpenSSH generates public/private keys randomly. A key is usually generated once and can be re-created if necessary.
When you log on to a remote system using the ssh command, the sshd daemon of the OpenSSH server sends a public key, and the OpenSSH client, ssh, prompts you to confirm whether to accept it. At the same time, the OpenSSH client returns a key to the server, so that each system on both sides of the OpenSSH connection has the key of the other party and can decrypt the encrypted data sent over the encrypted link.
The public and private keys of the OpenSSH server are both stored in the /etc/ssh directory. On the OpenSSH client, all the public keys the user has accepted, together with the IP addresses of the OpenSSH servers that provided them, are stored in the ~/.ssh/known_hosts file (.ssh is a hidden directory). If a key does not match the IP address, OpenSSH assumes that something has gone wrong. For example, reinstalling the operating system or upgrading OpenSSH causes the system to generate a new key, and a malicious network attack also causes the key to change. Therefore, when a key changes, you should always find out why it changed before continuing, to ensure data security during network access.
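The known_hosts comparison described above can be reproduced offline. The following is an added example, not part of the original article or of OpenSSH itself: it parses known_hosts content, including hashed host entries, and reports whether a key offered by a server matches, has changed, or is unknown. The sample keys, the host name backup.example and the salt are constructed placeholders.

```python
import base64
import hashlib
import hmac

def fingerprint(key_b64):
    """SHA256 fingerprint of a public key blob, in the form `ssh-keygen -l` prints."""
    digest = hashlib.sha256(base64.b64decode(key_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def hashed_field(host, salt):
    """Build a hashed host field: |1|base64(salt)|base64(HMAC-SHA1(salt, host))."""
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(mac).decode())

def host_matches(field, host):
    """Match host against the first field of a known_hosts line.
    Wildcard and negated patterns are not handled in this example."""
    if field.startswith("|1|"):
        salt = base64.b64decode(field.split("|")[2])
        return hashed_field(host, salt) == field
    return host in field.split(",")

def check_host_key(known_hosts_text, host, key_type, key_b64):
    """Return 'match', 'changed' or 'unknown' for the key a server offers."""
    status = "unknown"
    for line in known_hosts_text.splitlines():
        fields = line.split()
        # Skip blanks, comments, and @cert-authority/@revoked marker lines (not handled here).
        if len(fields) < 3 or fields[0][0] in "#@":
            continue
        if host_matches(fields[0], host) and fields[1] == key_type:
            if fields[2] == key_b64:
                return "match"
            status = "changed"
    return status

# Constructed sample data: these blobs are placeholders, not real host keys.
KEY_A = base64.b64encode(b"constructed-host-key-A").decode()
KEY_B = base64.b64encode(b"constructed-host-key-B").decode()
SAMPLE = "\n".join([
    "# constructed known_hosts content",
    "10.203.138.129 ssh-rsa " + KEY_A,
    hashed_field("backup.example", b"constructed-salt") + " ssh-rsa " + KEY_A,
])

if __name__ == "__main__":
    for offered in (KEY_A, KEY_B):
        print(check_host_key(SAMPLE, "10.203.138.129", "ssh-rsa", offered), fingerprint(offered))
```

A "changed" result is the case the paragraph warns about: compare the printed fingerprint with one obtained from the server's administrator before accepting the new key.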
1. Install the OpenSSH server
In Ubuntu, the OpenSSH client is installed with the system as part of the base software, but the OpenSSH server must be installed separately. Install the openssh-server package using a tool such as apt-get, aptitude, or synaptic.
$ sudo apt-get install openssh-server
After installation, run the following command to verify that the sshd daemon of the OpenSSH server is running.
$ pidof sshd
2. Log on to the remote system using SSH
In OpenSSH, ssh is an important client application. It can be used to log on to a remote system over an encrypted connection. The syntax is as follows:
ssh [options] [-l login_name] [user@]hostname [command]
The "-l login_name" option specifies the user name used to log on to the remote system. If no user name is provided, ssh logs on to the remote system as the current user. For example, the following command logs on to the remote system as the user webgod using the default port 22 (note: the text from "Welcome to Ubuntu 12.04 LTS (GNU/Linux ...)" to "https://help.ubuntu.com/" comes from the /etc/motd file). Besides the "-l" option, you can also use the "user@hostname" form to log on to the remote system as another user.
Use scp to download files
For example, the following command copies the ~/.ssh/id_rsa.pub file from the remote system to the /tmp directory of the local system.
$ scp webgod@10.203.138.129:~/.ssh/id_rsa.pub /tmp
Assume that the TCP port on which the sshd daemon listens has been changed to 435. To copy files over this port, run the following command.
$ scp -P 435 webgod@10.203.138.129:~/.ssh/id_rsa.pub /tmp
Use scp to upload files
$ scp /etc/hosts webgod@10.203.138.129:/tmp
$ scp -P 435 /etc/hosts webgod@10.203.138.129:/tmp