Linux爱情故事之如何以不一样的姿势(ssh)进入她的心
文章目录
1、ssh是谁,为什么要进入她的心
ssh是linux操作系统的远程登录命令ssh默认的端口为22ssh安全协议版本为SSH2ssh由openssh(提供ssh服务)和openssl(提供加密的程序)组成windows上常用的ssh客户端有:xshell、xterm、finalshell、putty等等
2、如何正确的扒拉ssh
2.1、ssh的常用参数
Linux:~ # ssh --help
unknown option -- -
usage: ssh [-1246AaCfGgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]
[-D [bind_address:]port] [-E log_file] [-e escape_char]
[-F configfile] [-I pkcs11] [-i identity_file]
[-J [user@]host[:port]] [-L address] [-l login_name] [-m mac_spec]
[-O ctl_cmd] [-o option] [-p port] [-Q query_option] [-R address]
[-S ctl_path] [-W host:port] [-w local_tun[:remote_tun]]
[user@]hostname [command]
2.2、您配钥匙吗?(ssh生成公钥或者秘钥)
- 在没有配置过公钥或者私钥的机器上,是不会生成
.ssh目录的,.ssh目录在用户的家目录下面(那可不,你家钥匙肯定在你家呗)
Linux-144:~ # cd ~/.ssh
-bash: cd: /root/.ssh: No such file or directory
- 使用
ssh-keygen命令,获得属于自己的公钥和私钥 - 输入
ssh-keygen命令后,一路回车即可同时获得公钥(id_rsa.pub)和私钥(id_rsa) ssh-keyge -t可以指定生成公钥和私钥的算法,默认是rsa算法[-t dsa | ecdsa | ed25519 | rsa | rsa1]有这里的五种算法
Linux-144:~ # ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:nUn0/piKV9GejHr7uo4Hj+xMCWlMQK/4NNhnOoUQHV0 root@Linux-144
The key's randomart image is:
+---[RSA 2048]----+
| .o+o .E |
| ..o.. . |
| . o . .. |
| = = + +. . |
| o * S + .= . |
| o B ...o++ |
| + .o*o . |
| . +=o+ |
| .o=+==. |
+----[SHA256]-----+
Linux-144:~ # ll ~/.ssh/
total 8
-rw------- 1 root root 1675 Jan 19 06:39 id_rsa
-rw-r--r-- 1 root root 396 Jan 19 06:39 id_rsa.pub
2.3、我要单向畅通无阻的进入你的心(ssh-copy-id发送公钥和秘钥)
- 使用
ssh-copy-id可以将自己的公钥和私钥发送到其他远程的服务
Linux-144:~ # ssh-copy-id root@192.168.72.145
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.72.145 (192.168.72.145)' can't be established.
ECDSA key fingerprint is SHA256:r+MDt63O2buie+vek5ysFZ5wbxd+QolySolYxn6JMCU.
Are you sure you want to continue connecting (yes/no)? yes "首次登陆的时候,需要输入yes"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
Password: "这里的密码,是192.168.72.145机器得密码"
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@192.168.72.145'"
and check to make sure that only the key(s) you wanted were added.
Linux-144:~ # ssh root@192.168.72.145 "我已经可以单向畅通无阻的进入145的心了(ssh远程机器,不需要输入密码了)"
Last login: Tue Jan 19 06:36:09 2021 from 192.168.72.1
Linux-145:~ # ifconfig eth0
eth0 Link encap:Ethernet HWaddr 00:0C:29:41:AC:5C
inet addr:192.168.72.145 Bcast:192.168.72.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe41:ac5c/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:591 errors:0 dropped:0 overruns:0 frame:0
TX packets:330 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:63923 (62.4 Kb) TX bytes:57765 (56.4 Kb)
Linux-145:~ # ssh root@192.168.72.144 "但是145想要进入到144的心,就需要验证密码,单向奔赴,总是让人心疼"
The authenticity of host '192.168.72.144 (192.168.72.144)' can't be established.
ECDSA key fingerprint is SHA256:r+MDt63O2buie+vek5ysFZ5wbxd+QolySolYxn6JMCU.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.72.144' (ECDSA) to the list of known hosts.
Password:
Last login: Tue Jan 19 06:36:12 2021 from 192.168.72.1
2.4、双向奔赴,才有意义(利用authorized_keys文件)
- 当用户向自己使用
ssh-copy-id user@ip(ip为本机ip)时,会在~/.ssh目录下,产生authorized_keys文件 - 当用户向远程用户使用
ssh-copy-id -i user@ip(远程端用户的ip)时,远程用户的~/.ssh目录下,会产生authorized_keys文件
Linux-144:~ # ssh-copy-id root@192.168.72.144
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.72.144 (192.168.72.144)' can't be established.
ECDSA key fingerprint is SHA256:r+MDt63O2buie+vek5ysFZ5wbxd+QolySolYxn6JMCU.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
Password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@192.168.72.144'"
and check to make sure that only the key(s) you wanted were added.
Linux-144:~ # ll ~/.ssh/
total 16
-rw------- 1 root root 396 Jan 19 06:58 authorized_keys
-rw------- 1 root root 1675 Jan 19 06:39 id_rsa
-rw-r--r-- 1 root root 396 Jan 19 06:39 id_rsa.pub
-rw-r--r-- 1 root root 352 Jan 19 06:58 known_hosts
- 远程用户生成自己的公钥和秘钥,也对自己使用
ssh-copy-id -i user@ip(ip为本机ip),以此来产生authorized_keys文件
Linux-145:~ # ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:YRqMQywB7FBPve9XxBvCwG9mKkLuw/bBgc15HN4JjNs root@Linux-145
The key's randomart image is:
+---[RSA 2048]----+
|ooooo. . |
|...+.o.oo |
|o .+ +.*+ . |
| . .=.X =B.+ |
| o. B.E=oo o |
| o..oo o |
| o .oo . |
| = .. . |
| . o. . |
+----[SHA256]-----+
Linux-145:~ # ssh-copy-id -i root@192.168.72.145
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.72.145 (192.168.72.145)' can't be established.
ECDSA key fingerprint is SHA256:r+MDt63O2buie+vek5ysFZ5wbxd+QolySolYxn6JMCU.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
Password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@192.168.72.145'"
and check to make sure that only the key(s) you wanted were added.
Linux-145:~ # ll ~/.ssh
total 16
-rw------- 1 root root 792 Jan 19 07:03 authorized_keys
-rw------- 1 root root 1679 Jan 19 07:02 id_rsa
-rw-r--r-- 1 root root 396 Jan 19 07:02 id_rsa.pub
-rw-r--r-- 1 root root 352 Jan 19 07:02 known_hosts
- 将其他主机的
authorized_keys文件内的内容,复制到一台总的主机authorized_keys文件内,以此来达到多主机免密互信的效果
Linux-144:~ # cat ~/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMOdv/YkDbYwHRCo0ddj5IqiwLsLY8GkDUTh4yq9ypsyeIzcZvdrLWZ0ZJfFGdtX0RqeYOzbRyWbJZFGt64dZABoVedk429/fT92d1WoKMEfzek9u5uzxQIVKjJe5VaHj04ZW+snY2tsSJrKsCEe+NwaqrjnmU0I7fgSVXJgAiLwIp3yWMqj3nrV58FONaxcwzEkQ6o3Fz3jyqeXdy4vo/FoyT/dMBj4UK0xwKz3fy5h3k9Aarl7FjS3mBv7Tn0Q/zAGRJVSRc/M24tXiaqhBnh9MWxdZdxAwN76MaOOF0AcCE8oEHflZGByWwT7mQrnKP8ADerJqoE2BYpRhMHZvj root@Linux-144
Linux-145:~ # cat ~/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMOdv/YkDbYwHRCo0ddj5IqiwLsLY8GkDUTh4yq9ypsyeIzcZvdrLWZ0ZJfFGdtX0RqeYOzbRyWbJZFGt64dZABoVedk429/fT92d1WoKMEfzek9u5uzxQIVKjJe5VaHj04ZW+snY2tsSJrKsCEe+NwaqrjnmU0I7fgSVXJgAiLwIp3yWMqj3nrV58FONaxcwzEkQ6o3Fz3jyqeXdy4vo/FoyT/dMBj4UK0xwKz3fy5h3k9Aarl7FjS3mBv7Tn0Q/zAGRJVSRc/M24tXiaqhBnh9MWxdZdxAwN76MaOOF0AcCE8oEHflZGByWwT7mQrnKP8ADerJqoE2BYpRhMHZvj root@Linux-144
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqQQdDVXdaKvWSNucbOv69V4GKeU8Yi9A+9oDsWCgvN/BSVTATAHSxRNE5JSy+jnwb3EDqpDHxTuFgbLp6I91J4vc4Cj3ek75TbsFsrKmk3aIJF6DxCLzY0t9rySbeO7wCW8PffgtUSgtwrjL9m/ipqMmTjQsPRLoo8TCIYrnfvA/HJklS7gPXrWFquf0iaDjMMZpPhGkEU0wcHFbh4V73g4TsIpQ/fjnZfLmSxKN1UnNf8OGgf/Cq8kB7x3W3eduK9sZt28d2IwcPLXOvfbquZV98O8jonV2MOIYdIbKZiKa/fMeExhEO1LrvdnZINeSHNbXqIVhdRnbM9i5Sm+OZ root@Linux-145
Linux-145:~ # ssh root@192.168.72.144
Password:
"可以看到,144主机上,没有145主机的认证信息,因此,145主机通过ssh连接144主机的时候,需要提供密码"
"此时,我们将145机器上 authorized_keys 文件内,将第二段内容,复制到144机器上的 authorized_keys 文件内"
Linux-144:~ # cat ~/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMOdv/YkDbYwHRCo0ddj5IqiwLsLY8GkDUTh4yq9ypsyeIzcZvdrLWZ0ZJfFGdtX0RqeYOzbRyWbJZFGt64dZABoVedk429/fT92d1WoKMEfzek9u5uzxQIVKjJe5VaHj04ZW+snY2tsSJrKsCEe+NwaqrjnmU0I7fgSVXJgAiLwIp3yWMqj3nrV58FONaxcwzEkQ6o3Fz3jyqeXdy4vo/FoyT/dMBj4UK0xwKz3fy5h3k9Aarl7FjS3mBv7Tn0Q/zAGRJVSRc/M24tXiaqhBnh9MWxdZdxAwN76MaOOF0AcCE8oEHflZGByWwT7mQrnKP8ADerJqoE2BYpRhMHZvj root@Linux-144
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqQQdDVXdaKvWSNucbOv69V4GKeU8Yi9A+9oDsWCgvN/BSVTATAHSxRNE5JSy+jnwb3EDqpDHxTuFgbLp6I91J4vc4Cj3ek75TbsFsrKmk3aIJF6DxCLzY0t9rySbeO7wCW8PffgtUSgtwrjL9m/ipqMmTjQsPRLoo8TCIYrnfvA/HJklS7gPXrWFquf0iaDjMMZpPhGkEU0wcHFbh4V73g4TsIpQ/fjnZfLmSxKN1UnNf8OGgf/Cq8kB7x3W3eduK9sZt28d2IwcPLXOvfbquZV98O8jonV2MOIYdIbKZiKa/fMeExhEO1LrvdnZINeSHNbXqIVhdRnbM9i5Sm+OZ root@Linux-145
- 此时,我们在145机器上,通过ssh远程访问144机器来测试
Linux-145:~ # ssh root@192.168.72.144
Last login: Tue Jan 19 07:06:44 2021 from 192.168.72.145
Linux-144:~ # ssh root@192.168.72.145
Last login: Tue Jan 19 06:55:00 2021 from 192.168.72.144
Linux-145:~ # ssh root@192.168.72.144
Last login: Tue Jan 19 07:10:20 2021 from 192.168.72.145
Linux-144:~ # ssh root@192.168.72.145
Last login: Tue Jan 19 07:10:30 2021 from 192.168.72.144
Linux-145:~ # ssh root@192.168.72.144
Last login: Tue Jan 19 07:10:42 2021 from 192.168.72.145
Linux-144:~ # ssh root@192.168.72.145
Last login: Tue Jan 19 07:10:46 2021 from 192.168.72.144
- 这个时候,我们就可以看到,两台主机之间,已经可以双向畅通无阻的访问彼此的内心了
3、谢幕
- 彼此间的
交心,需要双向奔赴,只是其中一方赤露敞开,依旧无法解决问题 - 然而人却无法像机器一样这么单纯,人类似乎就是一个
矛盾体,越神秘的,越好奇;越容易得到的,越不珍惜 - 人类情感太复杂了,还是和机器过一辈子吧,毕竟
机器不会骗人,昂昂昂~~~
Linux爱情故事之如何以不一样的姿势(ssh)进入她的心的更多相关文章
- Java面试题总结之数据结构、算法和计算机基础(刘小牛和丝音的爱情故事1)
Java面试题总结之数据结构.算法和计算机基础(刘小牛和丝音的爱情故事1)mp.weixin.qq.com 全文字数: 1703 阅读时间: 大约6 分钟 刘小牛是一名Java程序员,由于天天9 ...
- 操作系统Unix、Windows、Mac OS、Linux的故事
电脑,计算机已经成为我们生活中必不可少的一部分.无论是大型的超级计算机,还是手机般小巧的终端设备,都跑着一个操作系统.正是这些操作系统,让那些硬件和芯片得意组合起来,让那些软件得以运行,让我们的世界在 ...
- jQuery Mobile_简单的爱情故事
<!doctype html> <html> <head> <meta charset="utf-8"> <meta name ...
- Unix、Windows、Mac OS、Linux系统故事
我们熟知的操作系统大概都是windows系列,近年来Apple的成功,让MacOS也逐渐走进普通用户.在服务器领域,恐怕Linux是无人不知无人不晓.他们都是操作系统,也在自己的领域里独领风骚.这都还 ...
- [转]操作系统Unix、Windows、Mac OS、Linux的故事
[写得很江湖气,可惜找不到原作者了] 文章转自:http://blog.csdn.net/wenmingchan/article/details/49925379 http://www.jb51.ne ...
- 【转】操作系统Unix、Windows、Mac OS、Linux的故事
电脑,计算机已经成为我们生活中必不可少的一部分.无论是大型的超级计算机,还是手机般小巧的终端设备,都跑着一个操作系统.正是这些操作系统,让那些硬件和芯片得意组合起来,让那些软件得以运行,让我们的世界在 ...
- 用Python讲述冯绍峰和赵丽颖的爱情故事
昨天刷头条时得知赵丽颖当妈妈了.作为一名程序员突发奇想,不如用Python简单叙述一下冯绍峰和赵丽颖的爱情故事,于是有了本文. 代码十分简单,适合编程小白和有一些Python基础的准程序员,其中用到了 ...
- 《Linux就该这么学》培训笔记_ch09_使用ssh服务管理远程主机
<Linux就该这么学>培训笔记_ch09_使用ssh服务管理远程主机 文章最后会post上书本的笔记照片. 文章主要内容: 配置网络服务 远程控制服务 不间断会话服务 书本笔记 配置网络 ...
- C语言与linux的故事
声明:本文是作者读完http://www.aqee.net/proof-that-linux-is-always-number-1/这篇文章后的随想. 凌晨2点,电脑前,程序员还在不断修改着自己的代码 ...
随机推荐
- vue中form 表单常用校验封装(async-validator)
新建一个js校验文件validate.js export const regular = { // 验证自然数 naturalNumber: /^(([0-9]*[1-9][0-9]*)|(0+))$ ...
- HTML相关知识入门
HTML 注意点 html是不区分大小写的 建议包括嵌套,不要交叉嵌套 文件后缀名可以是.html或.htm 格式 <!------类似于java中类的大括号--------> <h ...
- Docker之Docker Machine已弃用
作为刚开始学习docker的新手,从网上查询文档无疑是最快的学习捷径,但是这次在docker翻车了,困扰了整整三天,特记录一下. 一般我们使用docker for windows安装,一路往下点直至安 ...
- dubbo接口方法重载且入参未显式指定序列化id导致ClassCastException分析
问题描述&模拟 线上登录接口,通过监控查看,有类型转换异常,具体报错如下图 此报错信息是dubbo consumer端显示,且登录大部分是正常,有少量部分会报类型转换异常,同事通过更换方法名+ ...
- leetcode 13. 罗马数字转整数 及 12. 整数转罗马数字
13. 罗马数字转整数 问题描述 罗马数字包含以下七种字符: I, V, X, L,C,D 和 M. 字符 数值 I 1 V 5 X 10 L 50 C 100 D 500 M 1000 例如,罗马数 ...
- Linux下Redis 6.2.6安装和部署详细图文步骤
Redis(Remote Dictionary Server),即远程字典服务,是一个开源的使用ANSI C语言编写.支持网络.可基于内存亦可持久化的日志型.Key-Value数据库,并提供多种语言的 ...
- grafana中如何展示prometheus的延迟分布数据?
最终效果 最终在grafana中展示了一个服务每分钟的延迟分布: 各个部分的含义如下: 1.时间的分布,从0.01秒到最多720秒 2.用颜色深浅代表次数.颜色越深,请求次数越多 3.时间轴,代表在这 ...
- 计算机视觉3-> yolov5目标检测1 |从入门到出土
本来就想着是对自己第一次跑yolov5的coco128的一个记录,没想到现在准备总结一下的时候,一方面是继续学习了一些,另一方面是学长的一些任务的要求,挖出了更多的东西,所以把名字改为了"从 ...
- IDEA包名分层问题
解决办法: 将默认的"Hide empty Middle Packages"或者"compact middle packages"勾选项去掉,这样就不会把中间空 ...
- GitHubPages的域名解析信息
github目录下CNAME修改