What is SSH?
In the Linux system, OpenSSH is currently the most popular remote system registration and file transfer applications, but also the traditional TELNET,FTP network application of the replacement products, OpenSSH not only for the Linux system, but also suitable for a variety of UNIX systems, And the client software such as SSH and SCP also applies to the Windows operating system. If necessary, Windows users can use the Windows version of the SCP client software, WINSCP, to implement file replication between Windows and Linux systems.
How do I install SSH?
In the Ubuntu Linux system, OpenSSH's client software is installed along with the Linux system (in fact ssh,telnet,ftp and so on is the knowledge of the Linux network article) only need to install OpenSSH server.
Command mode: sudo apt-get install Openssh-server
Basic knowledge of cryptography?
For the security of information transmission and communication, computer cryptography invented encryption and decryption.
Encryption is used by the public key, decryption is using the private key
There are both symmetric and asymmetric methods for encryption and decryption.
Symmetry is that the public and private keys are the same, and they know that one can push each other.
Asymmetric is the need to know the private key, the light know that the public key is not pushed out of the original ciphertext.
SSH configuration file Explained
The public and private keys of the OpenSSH server are stored in/etc/.ssh/known_hosts if the secret key does not match the IP address, OpenSSH will consider a file to be problematic.
/etc/ssh/sshd_config configuration file, mainly the sshd daemon according to the definition, the specification of processing action.
How does SSH work?
The OPENSSH generates a public-private key in a random way. Keys are usually generated only once, and must be re-created.
Id_rsa.pub: Public key Id_rsa: private key
Suppose A to Telnet to B
When using SSH command remote B, step 1: Generate a pair of keys on a, step 2: Copy the public key to B named Authorized_keys
Step 3:a Send a connection request to B, which should have the relevant information, including the IP address and user name, step 4:b get the message, will go to Authorized_keys, query whether there is this IP address and user name, if there is randomly generated a string, encrypted with the public key, issued to a. After the step 5:a received, the decryption, after sending to B, step 6:b received after the comparison, if the same will allow the free landing.
This article from the "Jane Answers Life" blog, reproduced please contact the author!