Discover cisco ssh configuration example, include the articles, news, trends, analysis and practical advice about cisco ssh configuration example on alibabacloud.com
the top of the file, so the order is important.It is now a good time to point out that the schema in the host definition does not have to match the actual host you are connecting to. In fact, you can use these definitions to set aliases for hosts in place of the actual host names.Look at an example:Host dev1 HostName dev1.example.com User tomNow to connect to it [emailprotected] , you can enter the following command at the command line:ssh dev1With this in mind, we will now continue to di
describes the names of the hosts which are# Allowed to use the local Inet services, as decided# By the '/usr/sbin/tcpd' server.#Sshd: 192.168.0. Allow add this line, only allow SSH connection requests from the Intranet
Restart the SSH service
After modifying the SSH configuration file, you must restart the
Basic conceptsLinux comes with SSH as OpenSSHSSH protocol provides two kinds of user authentication methods1, password-based security authentication: Use the user name, password to authenticate the logged-in user2. Key-Based Security authentication: Use public and private key pairs to authenticate logged-in usersOpenSSH RPM package is made up of four parts (default installed) openssh-4.3p2-26.el5.i386.rpm(be sure to install this RPM package first)ope
Linux SSH password-free login configuration Summary
I. Principles
We use ssh-keygen to generate the private key and public key on ServerA, copy the generated public key to the remote server B, you can use the ssh command to log on to another server B without a password.
There are two encryption methods to generate a pu
import to the authorized_keys file for password-free login to the server
First, copy the public key to the server.
Scp ~ /. Ssh/id_rsa.pub xxx @ host:/home/id_rsa.pub
Then, import the public key to the authentication file (this step is performed on the other server)
Shell code: cat/home/id_rsa.pub> ~ /. Ssh/authorized_keys
2.3 Change permissions on the server
Chmod 700 ~ /.
Hosts.allow. In particular# You should know that NFS uses portmap!
sshd:all ← Add this line, shielding from all SSH connection requests
# Vi/etc/hosts.allow ← Modify the Allow rule to add the corresponding line at the end of the text
## Hosts.allow This file describes the names of the hosts which are# allowed to with the local INET services, as decided# by the '/USR/SBIN/TCPD ' server.#
sshd:192.168.0. ← Add this line, only allow
I. Preparatory workFirst of all make sure that you have SSH installed on your Linux system, and that for Ubuntu systems it is common to install only SSH client, so we need to install SSH server manually:sudo Install Openssh-serverTwo. SSH Fundamentals 2.1 FundamentalsSSH guarantees security because it uses public-key c
complete, go to the Slave machine, append the authorization file with the public key, assign permissions, switch to the root user, configure the sshd, and restart the ssh service, such as the Master machine configuration.
Then, return to the hadoop user on the Master machine for testing.
We found that password verification is not required at this time. Of course, only one-way login from the Master
CentOS SSH password-less login principle, configuration and FAQsPrinciples
For ease of understanding, it is assumed that the hadoop148 host can be connected to hadoop107 without a password.
Generate a key pair on hadoop148, including a public key and a private key, and copy the public key to hadoop107.
Then, when hadoop148 connects to the hadoop107 machine through SSH
protected]hadoop107 Machine still need to enter the password, that is, no password authentication failed,analysis and Processing:First step: View permissionsWith ssh-v debug access, the log is as follows, but from the log can not see the reason for failure, only know in the use of PublicKey authentication, the end is not reply;View the/var/log/secure log againBy looking at the hadoop107 machine/var/log/secure, we found the following errorJan 8 13:31
Experiment:
1, test pc to 192.168.1.98:80, use browser to access 192.168.1.98:80 normal page
Ssh–f–n–l 0.0.0.0:2001:192.168.1.98:80 test@192.168.1.102
Ssh-n-l2001:remotehost:80 User@somemachine
This command opens the 2001 port on this machine, and the request to the native 2001 port passes through Somemachine as a springboard and goes to port 80 of remotehost.
The implementation effect is similar to t
Linux SSH password-free login configuration because of learning hadoop, SSH password-less login is required between clusters, so before installing hadoop, you must configure password-less SSH Login between machines. How do I Configure SSH login without a password? The follow
transmission efficiency enable service editing /etc/xinetd.d/rsync settings disable = on enable default do not enable restart xinetd process service xinetd restart example Week 1 to Week 6 do a backup crontab-e0 2 * * 1-6/usr/bin/rsync-arhz--delete [Emailprotected]:/web /backup nbsp Copy the Web directory of another host to the back of this machine -a Keep file properties-r subdirectory recursive processing-H Keep file hard link-Z backup file
the following command: # yum install ssh # yum install rsync to start SSH: # service sshd start (3) SSH equivalence principle. Suppose there are two machines on the network: A B, and A must implement password-free public key authentication, then: ① generate A key pair on A first, including A public key and A private key ② and then copy the public key to B ③ Whe
SSH
# Yum install rsync
Start SSH:
# Service sshd start
(Iii) SSH Equivalence Principle
Assume that there are two machines on the Network: A B, and a must implement password-free public key authentication, then:
① Generate a key pair on A, including a public key and a private key.
② Copy the public key to B.
③ When a connects to B through
powerful SSH connection module, the above example only lists some of the simple use of the module, can also use the threading module to block the speed of the program concurrency, but also can use the Configparser module processing configuration files, and we will all IP , user information actions are put into the configurat
1. Install SSH:$ sudo apt-get install SSH2. See if the catalog is generated. SSH:$ ls-al/home/ubuntu/3. If not, create the directory manually. SSH:$ mkdir/home/ubuntu/.ssh4. Generate public and private keys:$ ssh-keygen-t dsa-p '-f ~/.SSH/ID_DSA or $
First, if not installed, then apt-get install SSH on the command line
After a while, you can actually log on to the SSH service machine.
The command to open the SSH service is: sudo/etc/init.d/sshd restart (generate public-private key pair)
View SSH status command: sudo/etc/init.d/sshd status
If you do not start
decryption number back to hadoop107, hadoop107 confirm the decryption number is correct after allowing hadoop148 not enter the password to connect the
Configuration
Specific steps
1, login hadoop148, execute command ssh-keygen-t RSA all the way back, view just generated no key pair: CD. SSH execution ll
2, add the id_rsa.pub to the authorized key inside. Exe
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.