Linux爱情故事之如何以不一样的姿势(ssh)进入她的心
文章目录
1、ssh是谁,为什么要进入她的心
ssh是linux操作系统的远程登录命令ssh默认的端口为22ssh安全协议版本为SSH2ssh由openssh(提供ssh服务)和openssl(提供加密的程序)组成windows上常用的ssh客户端有:xshell、xterm、finalshell、putty等等
2、如何正确的扒拉ssh
2.1、ssh的常用参数
Linux:~ # ssh --help
unknown option -- -
usage: ssh [-1246AaCfGgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]
[-D [bind_address:]port] [-E log_file] [-e escape_char]
[-F configfile] [-I pkcs11] [-i identity_file]
[-J [user@]host[:port]] [-L address] [-l login_name] [-m mac_spec]
[-O ctl_cmd] [-o option] [-p port] [-Q query_option] [-R address]
[-S ctl_path] [-W host:port] [-w local_tun[:remote_tun]]
[user@]hostname [command]
2.2、您配钥匙吗?(ssh生成公钥或者秘钥)
- 在没有配置过公钥或者私钥的机器上,是不会生成
.ssh目录的,.ssh目录在用户的家目录下面(那可不,你家钥匙肯定在你家呗)
Linux-144:~ # cd ~/.ssh
-bash: cd: /root/.ssh: No such file or directory
- 使用
ssh-keygen命令,获得属于自己的公钥和私钥 - 输入
ssh-keygen命令后,一路回车即可同时获得公钥(id_rsa.pub)和私钥(id_rsa) ssh-keyge -t可以指定生成公钥和私钥的算法,默认是rsa算法[-t dsa | ecdsa | ed25519 | rsa | rsa1]有这里的五种算法
Linux-144:~ # ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:nUn0/piKV9GejHr7uo4Hj+xMCWlMQK/4NNhnOoUQHV0 root@Linux-144
The key's randomart image is:
+---[RSA 2048]----+
| .o+o .E |
| ..o.. . |
| . o . .. |
| = = + +. . |
| o * S + .= . |
| o B ...o++ |
| + .o*o . |
| . +=o+ |
| .o=+==. |
+----[SHA256]-----+
Linux-144:~ # ll ~/.ssh/
total 8
-rw------- 1 root root 1675 Jan 19 06:39 id_rsa
-rw-r--r-- 1 root root 396 Jan 19 06:39 id_rsa.pub
2.3、我要单向畅通无阻的进入你的心(ssh-copy-id发送公钥和秘钥)
- 使用
ssh-copy-id可以将自己的公钥和私钥发送到其他远程的服务
Linux-144:~ # ssh-copy-id root@192.168.72.145
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.72.145 (192.168.72.145)' can't be established.
ECDSA key fingerprint is SHA256:r+MDt63O2buie+vek5ysFZ5wbxd+QolySolYxn6JMCU.
Are you sure you want to continue connecting (yes/no)? yes "首次登陆的时候,需要输入yes"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
Password: "这里的密码,是192.168.72.145机器得密码"
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@192.168.72.145'"
and check to make sure that only the key(s) you wanted were added.
Linux-144:~ # ssh root@192.168.72.145 "我已经可以单向畅通无阻的进入145的心了(ssh远程机器,不需要输入密码了)"
Last login: Tue Jan 19 06:36:09 2021 from 192.168.72.1
Linux-145:~ # ifconfig eth0
eth0 Link encap:Ethernet HWaddr 00:0C:29:41:AC:5C
inet addr:192.168.72.145 Bcast:192.168.72.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe41:ac5c/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:591 errors:0 dropped:0 overruns:0 frame:0
TX packets:330 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:63923 (62.4 Kb) TX bytes:57765 (56.4 Kb)
Linux-145:~ # ssh root@192.168.72.144 "但是145想要进入到144的心,就需要验证密码,单向奔赴,总是让人心疼"
The authenticity of host '192.168.72.144 (192.168.72.144)' can't be established.
ECDSA key fingerprint is SHA256:r+MDt63O2buie+vek5ysFZ5wbxd+QolySolYxn6JMCU.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.72.144' (ECDSA) to the list of known hosts.
Password:
Last login: Tue Jan 19 06:36:12 2021 from 192.168.72.1
2.4、双向奔赴,才有意义(利用authorized_keys文件)
- 当用户向自己使用
ssh-copy-id user@ip(ip为本机ip)时,会在~/.ssh目录下,产生authorized_keys文件 - 当用户向远程用户使用
ssh-copy-id -i user@ip(远程端用户的ip)时,远程用户的~/.ssh目录下,会产生authorized_keys文件
Linux-144:~ # ssh-copy-id root@192.168.72.144
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.72.144 (192.168.72.144)' can't be established.
ECDSA key fingerprint is SHA256:r+MDt63O2buie+vek5ysFZ5wbxd+QolySolYxn6JMCU.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
Password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@192.168.72.144'"
and check to make sure that only the key(s) you wanted were added.
Linux-144:~ # ll ~/.ssh/
total 16
-rw------- 1 root root 396 Jan 19 06:58 authorized_keys
-rw------- 1 root root 1675 Jan 19 06:39 id_rsa
-rw-r--r-- 1 root root 396 Jan 19 06:39 id_rsa.pub
-rw-r--r-- 1 root root 352 Jan 19 06:58 known_hosts
- 远程用户生成自己的公钥和秘钥,也对自己使用
ssh-copy-id -i user@ip(ip为本机ip),以此来产生authorized_keys文件
Linux-145:~ # ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:YRqMQywB7FBPve9XxBvCwG9mKkLuw/bBgc15HN4JjNs root@Linux-145
The key's randomart image is:
+---[RSA 2048]----+
|ooooo. . |
|...+.o.oo |
|o .+ +.*+ . |
| . .=.X =B.+ |
| o. B.E=oo o |
| o..oo o |
| o .oo . |
| = .. . |
| . o. . |
+----[SHA256]-----+
Linux-145:~ # ssh-copy-id -i root@192.168.72.145
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.72.145 (192.168.72.145)' can't be established.
ECDSA key fingerprint is SHA256:r+MDt63O2buie+vek5ysFZ5wbxd+QolySolYxn6JMCU.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
Password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@192.168.72.145'"
and check to make sure that only the key(s) you wanted were added.
Linux-145:~ # ll ~/.ssh
total 16
-rw------- 1 root root 792 Jan 19 07:03 authorized_keys
-rw------- 1 root root 1679 Jan 19 07:02 id_rsa
-rw-r--r-- 1 root root 396 Jan 19 07:02 id_rsa.pub
-rw-r--r-- 1 root root 352 Jan 19 07:02 known_hosts
- 将其他主机的
authorized_keys文件内的内容,复制到一台总的主机authorized_keys文件内,以此来达到多主机免密互信的效果
Linux-144:~ # cat ~/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMOdv/YkDbYwHRCo0ddj5IqiwLsLY8GkDUTh4yq9ypsyeIzcZvdrLWZ0ZJfFGdtX0RqeYOzbRyWbJZFGt64dZABoVedk429/fT92d1WoKMEfzek9u5uzxQIVKjJe5VaHj04ZW+snY2tsSJrKsCEe+NwaqrjnmU0I7fgSVXJgAiLwIp3yWMqj3nrV58FONaxcwzEkQ6o3Fz3jyqeXdy4vo/FoyT/dMBj4UK0xwKz3fy5h3k9Aarl7FjS3mBv7Tn0Q/zAGRJVSRc/M24tXiaqhBnh9MWxdZdxAwN76MaOOF0AcCE8oEHflZGByWwT7mQrnKP8ADerJqoE2BYpRhMHZvj root@Linux-144
Linux-145:~ # cat ~/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMOdv/YkDbYwHRCo0ddj5IqiwLsLY8GkDUTh4yq9ypsyeIzcZvdrLWZ0ZJfFGdtX0RqeYOzbRyWbJZFGt64dZABoVedk429/fT92d1WoKMEfzek9u5uzxQIVKjJe5VaHj04ZW+snY2tsSJrKsCEe+NwaqrjnmU0I7fgSVXJgAiLwIp3yWMqj3nrV58FONaxcwzEkQ6o3Fz3jyqeXdy4vo/FoyT/dMBj4UK0xwKz3fy5h3k9Aarl7FjS3mBv7Tn0Q/zAGRJVSRc/M24tXiaqhBnh9MWxdZdxAwN76MaOOF0AcCE8oEHflZGByWwT7mQrnKP8ADerJqoE2BYpRhMHZvj root@Linux-144
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqQQdDVXdaKvWSNucbOv69V4GKeU8Yi9A+9oDsWCgvN/BSVTATAHSxRNE5JSy+jnwb3EDqpDHxTuFgbLp6I91J4vc4Cj3ek75TbsFsrKmk3aIJF6DxCLzY0t9rySbeO7wCW8PffgtUSgtwrjL9m/ipqMmTjQsPRLoo8TCIYrnfvA/HJklS7gPXrWFquf0iaDjMMZpPhGkEU0wcHFbh4V73g4TsIpQ/fjnZfLmSxKN1UnNf8OGgf/Cq8kB7x3W3eduK9sZt28d2IwcPLXOvfbquZV98O8jonV2MOIYdIbKZiKa/fMeExhEO1LrvdnZINeSHNbXqIVhdRnbM9i5Sm+OZ root@Linux-145
Linux-145:~ # ssh root@192.168.72.144
Password:
"可以看到,144主机上,没有145主机的认证信息,因此,145主机通过ssh连接144主机的时候,需要提供密码"
"此时,我们将145机器上 authorized_keys 文件内,将第二段内容,复制到144机器上的 authorized_keys 文件内"
Linux-144:~ # cat ~/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMOdv/YkDbYwHRCo0ddj5IqiwLsLY8GkDUTh4yq9ypsyeIzcZvdrLWZ0ZJfFGdtX0RqeYOzbRyWbJZFGt64dZABoVedk429/fT92d1WoKMEfzek9u5uzxQIVKjJe5VaHj04ZW+snY2tsSJrKsCEe+NwaqrjnmU0I7fgSVXJgAiLwIp3yWMqj3nrV58FONaxcwzEkQ6o3Fz3jyqeXdy4vo/FoyT/dMBj4UK0xwKz3fy5h3k9Aarl7FjS3mBv7Tn0Q/zAGRJVSRc/M24tXiaqhBnh9MWxdZdxAwN76MaOOF0AcCE8oEHflZGByWwT7mQrnKP8ADerJqoE2BYpRhMHZvj root@Linux-144
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqQQdDVXdaKvWSNucbOv69V4GKeU8Yi9A+9oDsWCgvN/BSVTATAHSxRNE5JSy+jnwb3EDqpDHxTuFgbLp6I91J4vc4Cj3ek75TbsFsrKmk3aIJF6DxCLzY0t9rySbeO7wCW8PffgtUSgtwrjL9m/ipqMmTjQsPRLoo8TCIYrnfvA/HJklS7gPXrWFquf0iaDjMMZpPhGkEU0wcHFbh4V73g4TsIpQ/fjnZfLmSxKN1UnNf8OGgf/Cq8kB7x3W3eduK9sZt28d2IwcPLXOvfbquZV98O8jonV2MOIYdIbKZiKa/fMeExhEO1LrvdnZINeSHNbXqIVhdRnbM9i5Sm+OZ root@Linux-145
- 此时,我们在145机器上,通过ssh远程访问144机器来测试
Linux-145:~ # ssh root@192.168.72.144
Last login: Tue Jan 19 07:06:44 2021 from 192.168.72.145
Linux-144:~ # ssh root@192.168.72.145
Last login: Tue Jan 19 06:55:00 2021 from 192.168.72.144
Linux-145:~ # ssh root@192.168.72.144
Last login: Tue Jan 19 07:10:20 2021 from 192.168.72.145
Linux-144:~ # ssh root@192.168.72.145
Last login: Tue Jan 19 07:10:30 2021 from 192.168.72.144
Linux-145:~ # ssh root@192.168.72.144
Last login: Tue Jan 19 07:10:42 2021 from 192.168.72.145
Linux-144:~ # ssh root@192.168.72.145
Last login: Tue Jan 19 07:10:46 2021 from 192.168.72.144
- 这个时候,我们就可以看到,两台主机之间,已经可以双向畅通无阻的访问彼此的内心了
3、谢幕
- 彼此间的
交心,需要双向奔赴,只是其中一方赤露敞开,依旧无法解决问题 - 然而人却无法像机器一样这么单纯,人类似乎就是一个
矛盾体,越神秘的,越好奇;越容易得到的,越不珍惜 - 人类情感太复杂了,还是和机器过一辈子吧,毕竟
机器不会骗人,昂昂昂~~~
Linux爱情故事之如何以不一样的姿势(ssh)进入她的心的更多相关文章
- Java面试题总结之数据结构、算法和计算机基础(刘小牛和丝音的爱情故事1)
Java面试题总结之数据结构.算法和计算机基础(刘小牛和丝音的爱情故事1)mp.weixin.qq.com 全文字数: 1703 阅读时间: 大约6 分钟 刘小牛是一名Java程序员,由于天天9 ...
- 操作系统Unix、Windows、Mac OS、Linux的故事
电脑,计算机已经成为我们生活中必不可少的一部分.无论是大型的超级计算机,还是手机般小巧的终端设备,都跑着一个操作系统.正是这些操作系统,让那些硬件和芯片得意组合起来,让那些软件得以运行,让我们的世界在 ...
- jQuery Mobile_简单的爱情故事
<!doctype html> <html> <head> <meta charset="utf-8"> <meta name ...
- Unix、Windows、Mac OS、Linux系统故事
我们熟知的操作系统大概都是windows系列,近年来Apple的成功,让MacOS也逐渐走进普通用户.在服务器领域,恐怕Linux是无人不知无人不晓.他们都是操作系统,也在自己的领域里独领风骚.这都还 ...
- [转]操作系统Unix、Windows、Mac OS、Linux的故事
[写得很江湖气,可惜找不到原作者了] 文章转自:http://blog.csdn.net/wenmingchan/article/details/49925379 http://www.jb51.ne ...
- 【转】操作系统Unix、Windows、Mac OS、Linux的故事
电脑,计算机已经成为我们生活中必不可少的一部分.无论是大型的超级计算机,还是手机般小巧的终端设备,都跑着一个操作系统.正是这些操作系统,让那些硬件和芯片得意组合起来,让那些软件得以运行,让我们的世界在 ...
- 用Python讲述冯绍峰和赵丽颖的爱情故事
昨天刷头条时得知赵丽颖当妈妈了.作为一名程序员突发奇想,不如用Python简单叙述一下冯绍峰和赵丽颖的爱情故事,于是有了本文. 代码十分简单,适合编程小白和有一些Python基础的准程序员,其中用到了 ...
- 《Linux就该这么学》培训笔记_ch09_使用ssh服务管理远程主机
<Linux就该这么学>培训笔记_ch09_使用ssh服务管理远程主机 文章最后会post上书本的笔记照片. 文章主要内容: 配置网络服务 远程控制服务 不间断会话服务 书本笔记 配置网络 ...
- C语言与linux的故事
声明:本文是作者读完http://www.aqee.net/proof-that-linux-is-always-number-1/这篇文章后的随想. 凌晨2点,电脑前,程序员还在不断修改着自己的代码 ...
随机推荐
- MapReduce和Hive学习文档链接学习顺序
1.<CentOS6.5下安装Hadoop-2.7.3(图解教程)> https://www.toutiao.com/i6627365258090512909/ 2.<CentOS6 ...
- YBT 1633:【例 3】Sumdiv
http://ybt.ssoier.cn:8088/problem_show.php?pid=1633 A^B 快速幂求结果,所有约数和,可以通过组合来进行得到. 技巧,通过递归得到1~n次的和.su ...
- 解决excel两表之间数据关联关系,知道这几招就够了
用过SAP的凭证批量录入模板(Excel文件)的都知道,一个凭证由[抬头]和多个[行项目]组成,这是一个关于excel两表信息关联的典型场景. 这里头蕴藏着一个麻烦:当我们需要一次性录入多个凭证时,如 ...
- python测试框架-pytest
一.pytest 介绍.运行.参数化和数据驱动.Fixture pytest安装与介绍 官网 : pip install -U pytest 查看版本号:pytest --version 为何选择py ...
- Spring系列4:依赖注入的2种方式
本文内容 基于构造器的依赖注入 基于setter的依赖注入 基于构造器的依赖注入 案例 定义2个简单的bean类,BeanOne 和 BeanTwo,前者依赖后者. package com.crab. ...
- 使用VS Code的MySQL扩展管理数据库
我将在本文告诉你如何用VS Code的扩展程序管理MySQL数据库,包括连接到MySQL.新建数据库和表.修改字段定义.简单的查询方法以及导入导出. 在许多情况下,我们需要随时查看数据库的记录来确保程 ...
- golang中接口详解
package main import ( "fmt" ) type Sayer interface { say() } type Mover interface { move() ...
- Go 变量及基本数据类型2
#### Go 变量及基本数据类型(二)今天学习一下基本数据类型,包括整数类型,小数类型,字符类型##### 整数类型用来存放整数数值的, 如0,1,-10,2222等; 整数型的类型有: 类型 有无 ...
- java-异常-自定义异常异常类的抛出throws
1 package p1.exception; 2 /* 3 * 对于角标是整数不存在,可以用角标越界表示, 4 * 对于负数为角标的情况,准备用负数角标异常来表示. 5 * 6 * 负数角标这种异常 ...
- CSS八种让人眼前一亮的HOVER效果
一.发送效果 HTML <div id="send-btn"> <button> // 这里是一个svg的占位 Send </button> & ...