远程访问
什么是openssh
是一个提供远程访问控制的软件2.如何实现远程访问ssh 远程主机用户@远程主机ip地址ssh root@172.25.254.1 (- x 可以打开图形)The authenticity of host '172.25.254.1 (172.25.254.1)' can't be established.ECDSA key fingerprint is 55:dd:43:ce:bf:94:dd:91:49:e7:97:29:63:3d:02:02.Are you sure you want to continue connecting (yes/no)? yes ##建立安全传输keyroot@172.25.254.1's password: ##密码输入没有回显Last failed login: Sun Oct 11 16:56:29 CST 2015 from 172.25.254.206 on ssh:nottyThere was 1 failed login attempt since the last successful login.Last login: Sun Oct 11 16:55:46 2015 from 172.25.254.206[root@foundation1 ~]# ###登陆成功ctrl +d |logout ###退出[root@foundation1 ~]# logoutConnection to 172.25.254.1 closed.[root@localhost ~]# vim /etc/motd ###设定登陆显示字符
ssh的key认证
[test@foundation0 ~]$ ssh-keygen ###生成公钥和私钥的工具
Generating public/private rsa key pair.Enter file in which to save the key (/home/test/.ssh/id_rsa):『enter』 ###指定加密字符保存文件,使用默认Created directory '/home/test/.ssh'.Enter passphrase (empty for no passphrase): ###密码,必须大于4位Enter same passphrase again: Your identification has been saved in /home/test/.ssh/id_rsa.Your public key has been saved in /home/test/.ssh/id_rsa.pub.The key fingerprint is: ###确认密码a5:4f:02:51:68:59:f4:e8:e3:c5:91:1f:6f:86:99:06 test@foundation0.ilt.example.comThe key's randomart p_w_picpath is:+--[ RSA 2048]----+| .*+ || +. o . || .. . E . || o + + * || S + * + || . * . o || . . || || |+-----------------+[test@foundation0 .ssh]$ pwd/home/test/.ssh ###生成密钥存放位置[test@foundation0 .ssh]$ ls id_rsa id_rsa.pub ####id_rsa位私钥,id_rsa.pub位公钥#####################使用key加密目标主机的目标用户############[test@foundation0 ~]$ ssh-copy-id -i /home/test/.ssh/id_rsa.pub westos@172.25.254.100The authenticity of host '172.25.254.100 (172.25.254.100)' can't be established.ECDSA key fingerprint is eb:24:0e:07:96:26:b1:04:c2:37:0c:78:2d:bc:b0:08.Are you sure you want to continue connecting (yes/no)? yes/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keyswestos@172.25.254.100's password: Number of key(s) added: 1Now try logging into the machine, with: "ssh 'westos@172.25.254.100'"and check to make sure that only the key(s) you wanted were added. ssh-copy-id ####上传key的工具-i ####指定使用的公钥/home/test/.ssh/id_rsa.pub #####使用公钥的名称westos ####被管理的目标用户172.25.254.100 ####被管理用户所在主机的ipauthorized_keys ###此文件在目标用户加目录的.ssh中,这个文件就是目标用户被加密的标识,文件内容位公钥内容。奋发钥匙个主机
[test@foundation0 ~]$ scp /home/test/.ssh/id_rsa root@172.25.254.10: /root/.ssh
2.sshd服务的简单配置
vim /etc/ssh/sshd_config ###sshd服务的配置文件48 PermitRootLogin yes|no ###是否允许root用户通过sshd的认证78 PasswordAuthentication yes|no ###开启或关闭用户密码认证AllowUsers student westos ###用户白名单,只允许在名单中出现的用户使用sshd服务systemctl restart sshd ###从新加载配置文件的打包和压缩
打包:打包表示把一堆文件变成一个
tar ####打包工具 -f ####指定生成包的名字 -c ####创建包 -v ####显示创建过程 -t ####查看包中内容 -x ####解包 -r ####添加文件到包中 --delete filename ##删除包中指定文件 --get filename ##取出包中指定文件压缩:gzipgzip xxxx.tar =====> xxxx.tar.gz ##压缩gunzip xxxx.tar.gz =====> xxxx.tar ##解压tar zcvf xxxx.tar.gz 目标文件 ##打包压缩文件tar zxvf xxxx.tar.gz ###xxxx.tar.gz===>xxxxbz2bzip2 xxxx.tar =====> xxxx.tar.bz2 ##压缩bunzip2 xxxx.tar.bz2 =====> xxxx.tar ##解压tar jcvf xxxx.tar.bz2 目标文件 ##打包压缩文件tar jxvf xxxx.tar.bz2 ###xxxx.tar.bz2===>xxxxxzxz xxxx.tar =====> xxxx.tar.xz ##压缩unxz xxxx.tar.xz =====> xxxx.tar ##解压tar Jcvf xxxx.tar.xz 目标文件 ##打包压缩文件tar Jxvf xxxx.tar.xz ###xxxx.tar.xz===>xxxx zipzip -r xxx.tar.zip xxx.tar ###压缩unzip xxx.tar.zip ###解压远程文件传输
scp ##远程复制
scp file user@ip:/directory ##上传文件scp -r dir user@ip:/directory ##长传目录scp user@ip:/filename /direcotry ##下载文件scp -r user@ip:/directory /direcotry ##下载目录rsync ###远程同步rsync file|direcotry user@ip:/directoryrsync user@ip:/directory /directory -r ##同步目录 -l ##不忽略链接 -p ##不忽略权限 -t ##不忽略时间戳 -g ##不忽略组信息 -o ##不忽略用户信息 -D ##不忽略设备文件