Secure Management of your remote Ubuntu server-Linux Enterprise Application-Linux server application information. See the following for details. To securely manage your remote Ubuntu server, you need to install the SSH server. SSH provides you with an encrypted channel to log on to the remote server and run commands. in addition, SSH provides some advanced functions to simplify remote management.
Install the SSH server in Ubuntu
Sudo apt-get install openssh-server
The software package generates the initial RSA and DSA keys and provides a default SSH configuration.
Connect to the server
Use the following command on another machine to connect to the server:
Ssh serveripaddress
For example:
Ssh 195.14.2.1 (ypxing Note: assume that the SSH server is installed on host 195.14.2.1)
Configure SSH
/Etc/ssh/sshd_config is the main configuration file. The default configuration allows remote root user logon and X11 forwarding. This team has no security benefits. Therefore, we need to disable these two options.
Remote root User Logon prohibited
Search for the following line in the/etc/ssh/sshd_config file:
PermitRootLogin yes
Change it:
PermitRootLogin no
Disable X11 forwarding
Search for the following line in the/etc/ssh/sshd_config file:
X11Forwarding yes
Change it:
X11Forwarding no
Run the following command to restart the SSH server:
Sudo/etc/init. d/ssh restart
X11 Forwarding
If you want to use the X11 Forwarding option to connect to the desktop of your remote machine using Xterm (ypxing Note: The preceding X11 Forwarding option needs to be enabled), you need to use the following command:
Ssh-X serverIpAddress
Use SCP to securely copy files
Another common requirement is to copy files between the servers you manage. although you can install an FTP server on all servers, this is not an ideal security solution. using the scp command, SSH can copy files. by using the key-based security authentication mechanism you have established (SSH), you can copy files on a secure channel.
Run the following command to copy a local file to a remote host:
Scp/path/to/file user @ remotehost:/path/to/destination
Run the following command to copy a remote host file to the local machine:
Scp user @ remotehost:/path/to/file/path/to/destination
Use the-r option to copy a local directory to a remote host:
If you want to transfer log files or other files with a large compression ratio, the-C parameter will be very helpful. this will enable the compression option. Although more CPUs will be used during copying, it will increase the transmission speed during transmission.
Use the-l option to limit the available bandwidth. put the desired bandwidth behind-l, in the unit of K/s. for example, use the following command to transmit a file at 256 Kbps:
Scp-l 256/path/to/file user @ remotehost:/path/to/destination
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
