One of SSH learning is the basic use of OpenSSH

Source: Internet
Author: User
Tags openssh server secure copy

In Linux, OpenSSH is the most popular remote system logon and file transmission application, and is also a new product for traditional network applications such as Telenet, FTP, and R series. Among them, ssh (Secure Shell) can replace telnet, rlogin and rsh, scp (Secure Copy) and sftp (Secure FTP) can replace ftp.

OpenSSH uses keys to encrypt data to ensure data transmission security. Before data transmission starts, both parties must first exchange keys. When receiving data from the other party, they can use the keys and corresponding programs to decrypt the data. This encrypted data transmission helps prevent illegal users from obtaining data information.

OpenSSH generates public/private keys randomly. A key is usually generated once and can be re-created if necessary.

When you log on to the remote system using the ssh command, the sshd daemon of the OpenSSH server will send a public key, and the OpenSSH client software ssh will prompt you to confirm whether to receive the public key sent. At the same time, the OpenSSH client will return a key to the server so that each system on both sides of the OpenSSH connection has the key of the other party, so that the other party can decrypt the encrypted data sent through the encrypted link.

The public key and private secret of the OpenSSH server are both stored in the/etc/ssh directory. On the OpenSSH client, all the public keys received by the user and the IP addresses of the OpenSSH server providing the keys are stored in ~ /. Ssh/known_hosts file (. ssh is a hidden directory ). If the key does not match the IP address, OpenSSH considers that a problem occurs at a specific stage. For example, reinstalling the operating system or upgrading OpenSSH will cause the system to generate a new key again, and malicious network attacks will also cause key changes. Therefore, when the key changes, you should always first understand the reasons for the key changes to ensure data security during network access.

1. Install the OpenSSH server

In Ubuntu, the OpenSSH client is installed along with the system as a basic system software, but the OpenSSH server needs to be installed separately. Install the openssh-server software package and use software tools such as apt-get, aptitude, and synaptic.

$ Sudo apt-get install openssh-server

After installation, run the following command to verify whether the sshd daemon of the OpenSSH server is enabled.

$ Pidof sshd

2. log on to the remote system using SSH

In OpenSSH, ssh is an important client application. Ssh can be used to log on to the remote system through encrypted communication. The syntax format is as follows:

Ssh [options] [-l login_name] [user @] hostname [command]

The "-llogin_name" option is used to specify the user name, indicating which user is used to log on to the remote system. If no user name is provided, log on to the remote system as the current user. For example, the following command indicates to log on to the remote system as a webgod user using the default port 22 (Note: Here "Welcome to Ubuntu 12.04 LTS (GNU/Linux )...... Https://helo.ubunut.com/# /etc/motdfile ). In addition to the "-l" option, to log on to the remote system as another user, you can also use "user @ hostname" to log on to the remote system.

Download files

For example ~ The/. ssh/id_rsa.pub file is copied to the/tmp directory of the local system.

$ Scp webgod@10.203.138.129 :~ /. Ssh/id_rsa.pub/tmp

Assume that the TCP port listened by the sshd daemon has been modified to 435. To use this port to copy files, run the following command.

$ Scp-P 534 webgod@10.203.138.129 :~ /. Ssh/id_rsa.pub/tmp

Use scp to upload files

$ Scp/etc/hosts webgod@10.203.138.129:/tmp

$ Scp-P 435/etc/hosts webgod@10.203.138.129:/tmp

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.