RHCE7 Learning Notes 7--Management OpenSSH Services

1. Connect to the server remotely using SSH

SSH IP, if you do not specify a user name, the current user name is used by default

Specify User name Login:

ssh-l username IP ssh [email protected]

SSH [email protected]

After the SSH login is successful, the user's home directory will generate the. SSH folder, which records the user's public key fingerprint:

[[email protected] ~]# ssh [email protected]the  authenticity of host  ' localhost  (:: 1) '  can ' t be established. ecdsa key fingerprint is d0:f6:7b:6f:6a:c3:c6:70:e6:70:17:f5:0f:9d:38:6a. are you sure you want to continue connecting  (yes/no)?  yesWarning : permanently added  ' localhost '   (ECDSA)  to the list of known  hosts. [email protected] ' s password: last login: wed dec 31 14:46:34  The 

[[Email protected] ~]# CD. Ssh/[[email protected]. ssh]# lsknown_hosts[[email protected]. ssh]# cat known_hosts localhost ecdsa-sha2-nistp256 aaaae2vjzhnhlxnoytitbmlzdhayntyaaaaibmlzdhayntyaaabbbeijqnxdmyhmfndlk+ b3kp3trefq29vcfglzlij2uy3w+sto7o+gcagmpyhto7qyahnhttgl/dson31i2uoxepm=

If SSH is another machine ssh with the same IP address, then you cannot connect, and you need to delete the. known_hosts file below SSH

SSH connection in the past, if you need to use a graphical interface to open Firefox and other programs, you need to add x option, and need to install Xmanager on the local machine and the Xshell terminal to turn on X11 forwarding:

[[email protected] ~]# ssh [email protected]-X

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/58/21/wKioL1SqIb-CzYnCAAD-SCvc8Zo053.jpg "title=" QQ picture 20150105132721.jpg "alt=" Wkiol1sqib-czyncaad-scvc8zo053.jpg "/>

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/58/24/wKiom1SqIRrhCHxPAAHNkb15KJc880.jpg "title=" QQ picture 20150105132806.png "alt=" Wkiom1sqirrhchxpaahnkb15kjc880.jpg "/>

Start Firefox on Xshell terminal

[email protected] ~]$ Firefox &

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/58/24/wKiom1SqI7fxYHi4AAGubR8qAho629.jpg "title=" QQ picture 20150105133906.jpg "alt=" Wkiom1sqi7fxyhi4aagubr8qaho629.jpg "/>

Second, configure SSH key remote login

Three ways to encrypt:

1, symmetric encryption, encryption and decryption of the same key: Aes,des,3des;

2, asymmetric encryption, public key encryption, private key decryption: RSA,DH,DSA,;

3, hashing algorithm, information integrity check: Md5,sha;

To configure SSH RSA key pairs:

Use the Ssh-keygen command on the local client to generate the key pair, add the-n option, set the private encryption key is empty, so SSH remote client will not need to enter the password of the private key:

[Email protected] ~]$ ssh-keygen-n "" Generating public/private RSA key pair. Enter file in which to save the key (/HOME/REDHAT/.SSH/ID_RSA): Created directory '/home/redhat/.ssh '. Your identification has been saved In/home/redhat/.ssh/id_rsa. Your public key has been saved in/home/redhat/.ssh/id_rsa.pub.

In the home directory, under the. SSH directory, generate the public and private key pair files:

[email protected]. ssh]$ ls id_rsa id_rsa.pub

Use the Ssh-copy-id command to send the local public key to the remote client's home directory:

[email protected]. ssh]$ ssh-copy-id-i id_rsa.pub [email protected]

[email protected]. ssh]# LS-AL-RW-------. 1 root root 399 Jan 6 15:37 Authorized_keys

After the replication public key is complete, the local client SSH remote client does not require a password to log in directly:

[c:\~]$ ssh [email protected]

In Windows, use the RSA key pair login RHEL7:

First, use the Xshell user Key Management feature to generate the local RSA public key:

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/58/32/wKiom1SrqCzTONIjAAFdjQv_SHY088.jpg "title=" QQ picture 20150106171643.jpg "alt=" Wkiom1srqcztonijaafdjqv_shy088.jpg "/>

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/58/32/wKiom1SrqGjwohfsAACqZBdl2cA890.jpg "title=" QQ picture 20150106171807.jpg "alt=" Wkiom1srqgjwohfsaacqzbdl2ca890.jpg "/>

Export the generated public key to the local computer to save and upload the public key file to the remote server:

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/58/2F/wKioL1Srqb2CmbSIAAD9ap515iQ606.jpg "title=" QQ picture 20150106172050.jpg "alt=" Wkiol1srqb2cmbsiaad9ap515iq606.jpg "/>

Append the contents of the public key file to the Authorized_keys file under the. SSH directory:

[email protected]. ssh]# Cat Id_rsa_1024.pub >>authorized_keys

In the Xshell terminal SSH remote server side, in the Export dialog box select the Use public key login, enter the private key password to log in:

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/58/2F/wKioL1SrqxPg_yEhAAFJDMZWuAU653.jpg "title=" QQ picture 20150106172633.jpg "alt=" Wkiol1srqxpg_yehaafjdmzwuau653.jpg "/>

This article is from the "Ordinary Road" blog, please be sure to keep this source http://linjohn.blog.51cto.com/1026193/1599832

RHCE7 Learning Notes 7--Management OpenSSH Services