1、ssh是谁,为什么要进入她的心

  • sshlinux 操作系统的远程登录命令
  • ssh 默认的端口为 22
  • ssh 安全协议版本为 SSH2
  • sshopenssh(提供ssh服务)openssl(提供加密的程序) 组成
  • windows 上常用的 ssh客户端 有:xshellxtermfinalshellputty 等等

2、如何正确的扒拉ssh

2.1、ssh的常用参数

Linux:~ # ssh --help

unknown option -- -

usage: ssh [-1246AaCfGgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]

           [-D [bind_address:]port] [-E log_file] [-e escape_char]

           [-F configfile] [-I pkcs11] [-i identity_file]

           [-J [user@]host[:port]] [-L address] [-l login_name] [-m mac_spec]

           [-O ctl_cmd] [-o option] [-p port] [-Q query_option] [-R address]

           [-S ctl_path] [-W host:port] [-w local_tun[:remote_tun]]

           [user@]hostname [command]

2.2、您配钥匙吗?(ssh生成公钥或者秘钥)

  • 在没有配置过公钥或者私钥的机器上,是不会生成.ssh目录的,.ssh目录在用户的家目录下面(那可不,你家钥匙肯定在你家呗)
Linux-144:~ # cd ~/.ssh

-bash: cd: /root/.ssh: No such file or directory
  • 使用 ssh-keygen 命令,获得属于自己的公钥和私钥
  • 输入 ssh-keygen 命令后,一路回车即可同时获得公钥(id_rsa.pub)和私钥(id_rsa)
  • ssh-keyge -t 可以指定生成公钥和私钥的算法,默认是 rsa 算法
    • [-t dsa | ecdsa | ed25519 | rsa | rsa1] 有这里的五种算法
Linux-144:~ # ssh-keygen

Generating public/private rsa key pair.

Enter file in which to save the key (/root/.ssh/id_rsa):

Created directory '/root/.ssh'.

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /root/.ssh/id_rsa.

Your public key has been saved in /root/.ssh/id_rsa.pub.

The key fingerprint is:

SHA256:nUn0/piKV9GejHr7uo4Hj+xMCWlMQK/4NNhnOoUQHV0 root@Linux-144

The key's randomart image is:

+---[RSA 2048]----+

|    .o+o .E      |

|     ..o.. .     |

|    .   o . ..   |

|     = = + +. .  |

|    o * S + .= . |

|     o B ...o++  |

|      +  .o*o .  |

|       . +=o+    |

|        .o=+==.  |

+----[SHA256]-----+

Linux-144:~ # ll ~/.ssh/

total 8

-rw------- 1 root root 1675 Jan 19 06:39 id_rsa

-rw-r--r-- 1 root root  396 Jan 19 06:39 id_rsa.pub

2.3、我要单向畅通无阻的进入你的心(ssh-copy-id发送公钥和秘钥)

  • 使用 ssh-copy-id 可以将自己的公钥和私钥发送到其他远程的服务
Linux-144:~ # ssh-copy-id root@192.168.72.145

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"

The authenticity of host '192.168.72.145 (192.168.72.145)' can't be established.

ECDSA key fingerprint is SHA256:r+MDt63O2buie+vek5ysFZ5wbxd+QolySolYxn6JMCU.

Are you sure you want to continue connecting (yes/no)? yes            "首次登陆的时候,需要输入yes"

/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed

/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys

Password:                                                             "这里的密码,是192.168.72.145机器得密码"

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@192.168.72.145'"

and check to make sure that only the key(s) you wanted were added.


Linux-144:~ # ssh root@192.168.72.145                     "我已经可以单向畅通无阻的进入145的心了(ssh远程机器,不需要输入密码了)"

Last login: Tue Jan 19 06:36:09 2021 from 192.168.72.1

Linux-145:~ # ifconfig eth0

eth0      Link encap:Ethernet  HWaddr 00:0C:29:41:AC:5C

          inet addr:192.168.72.145  Bcast:192.168.72.255  Mask:255.255.255.0

          inet6 addr: fe80::20c:29ff:fe41:ac5c/64 Scope:Link

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:591 errors:0 dropped:0 overruns:0 frame:0

          TX packets:330 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:1000

          RX bytes:63923 (62.4 Kb)  TX bytes:57765 (56.4 Kb)


Linux-145:~ # ssh root@192.168.72.144                     "但是145想要进入到144的心,就需要验证密码,单向奔赴,总是让人心疼"

The authenticity of host '192.168.72.144 (192.168.72.144)' can't be established.

ECDSA key fingerprint is SHA256:r+MDt63O2buie+vek5ysFZ5wbxd+QolySolYxn6JMCU.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added '192.168.72.144' (ECDSA) to the list of known hosts.

Password:

Last login: Tue Jan 19 06:36:12 2021 from 192.168.72.1

2.4、双向奔赴,才有意义(利用authorized_keys文件)

  • 当用户向自己使用 ssh-copy-id user@ip(ip为本机ip) 时,会在 ~/.ssh 目录下,产生 authorized_keys 文件
  • 当用户向远程用户使用 ssh-copy-id -i user@ip(远程端用户的ip) 时,远程用户的 ~/.ssh 目录下,会产生 authorized_keys 文件
Linux-144:~ # ssh-copy-id root@192.168.72.144

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"

The authenticity of host '192.168.72.144 (192.168.72.144)' can't be established.

ECDSA key fingerprint is SHA256:r+MDt63O2buie+vek5ysFZ5wbxd+QolySolYxn6JMCU.

Are you sure you want to continue connecting (yes/no)? yes

/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed

/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys

Password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@192.168.72.144'"

and check to make sure that only the key(s) you wanted were added.

Linux-144:~ # ll ~/.ssh/

total 16

-rw------- 1 root root  396 Jan 19 06:58 authorized_keys

-rw------- 1 root root 1675 Jan 19 06:39 id_rsa

-rw-r--r-- 1 root root  396 Jan 19 06:39 id_rsa.pub

-rw-r--r-- 1 root root  352 Jan 19 06:58 known_hosts
  • 远程用户生成自己的公钥和秘钥,也对自己使用 ssh-copy-id -i user@ip(ip为本机ip) ,以此来产生 authorized_keys 文件
Linux-145:~ # ssh-keygen

Generating public/private rsa key pair.

Enter file in which to save the key (/root/.ssh/id_rsa):

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /root/.ssh/id_rsa.

Your public key has been saved in /root/.ssh/id_rsa.pub.

The key fingerprint is:

SHA256:YRqMQywB7FBPve9XxBvCwG9mKkLuw/bBgc15HN4JjNs root@Linux-145

The key's randomart image is:

+---[RSA 2048]----+

|ooooo. .         |

|...+.o.oo        |

|o  .+ +.*+ .     |

| .  .=.X =B.+    |

|   o. B.E=oo o   |

|    o..oo   o    |

|   o .oo   .     |

|    =  .. .      |

|   . o.  .       |

+----[SHA256]-----+

Linux-145:~ # ssh-copy-id -i root@192.168.72.145

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"

The authenticity of host '192.168.72.145 (192.168.72.145)' can't be established.

ECDSA key fingerprint is SHA256:r+MDt63O2buie+vek5ysFZ5wbxd+QolySolYxn6JMCU.

Are you sure you want to continue connecting (yes/no)? yes

/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed

/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys

Password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@192.168.72.145'"

and check to make sure that only the key(s) you wanted were added.

Linux-145:~ # ll ~/.ssh

total 16

-rw------- 1 root root  792 Jan 19 07:03 authorized_keys

-rw------- 1 root root 1679 Jan 19 07:02 id_rsa

-rw-r--r-- 1 root root  396 Jan 19 07:02 id_rsa.pub

-rw-r--r-- 1 root root  352 Jan 19 07:02 known_hosts
  • 将其他主机的 authorized_keys 文件内的内容,复制到一台总的主机 authorized_keys 文件内,以此来达到多主机免密互信的效果
Linux-144:~ # cat ~/.ssh/authorized_keys

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMOdv/YkDbYwHRCo0ddj5IqiwLsLY8GkDUTh4yq9ypsyeIzcZvdrLWZ0ZJfFGdtX0RqeYOzbRyWbJZFGt64dZABoVedk429/fT92d1WoKMEfzek9u5uzxQIVKjJe5VaHj04ZW+snY2tsSJrKsCEe+NwaqrjnmU0I7fgSVXJgAiLwIp3yWMqj3nrV58FONaxcwzEkQ6o3Fz3jyqeXdy4vo/FoyT/dMBj4UK0xwKz3fy5h3k9Aarl7FjS3mBv7Tn0Q/zAGRJVSRc/M24tXiaqhBnh9MWxdZdxAwN76MaOOF0AcCE8oEHflZGByWwT7mQrnKP8ADerJqoE2BYpRhMHZvj root@Linux-144

Linux-145:~ # cat ~/.ssh/authorized_keys

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMOdv/YkDbYwHRCo0ddj5IqiwLsLY8GkDUTh4yq9ypsyeIzcZvdrLWZ0ZJfFGdtX0RqeYOzbRyWbJZFGt64dZABoVedk429/fT92d1WoKMEfzek9u5uzxQIVKjJe5VaHj04ZW+snY2tsSJrKsCEe+NwaqrjnmU0I7fgSVXJgAiLwIp3yWMqj3nrV58FONaxcwzEkQ6o3Fz3jyqeXdy4vo/FoyT/dMBj4UK0xwKz3fy5h3k9Aarl7FjS3mBv7Tn0Q/zAGRJVSRc/M24tXiaqhBnh9MWxdZdxAwN76MaOOF0AcCE8oEHflZGByWwT7mQrnKP8ADerJqoE2BYpRhMHZvj root@Linux-144

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqQQdDVXdaKvWSNucbOv69V4GKeU8Yi9A+9oDsWCgvN/BSVTATAHSxRNE5JSy+jnwb3EDqpDHxTuFgbLp6I91J4vc4Cj3ek75TbsFsrKmk3aIJF6DxCLzY0t9rySbeO7wCW8PffgtUSgtwrjL9m/ipqMmTjQsPRLoo8TCIYrnfvA/HJklS7gPXrWFquf0iaDjMMZpPhGkEU0wcHFbh4V73g4TsIpQ/fjnZfLmSxKN1UnNf8OGgf/Cq8kB7x3W3eduK9sZt28d2IwcPLXOvfbquZV98O8jonV2MOIYdIbKZiKa/fMeExhEO1LrvdnZINeSHNbXqIVhdRnbM9i5Sm+OZ root@Linux-145

Linux-145:~ # ssh root@192.168.72.144

Password:

"可以看到,144主机上,没有145主机的认证信息,因此,145主机通过ssh连接144主机的时候,需要提供密码"

"此时,我们将145机器上 authorized_keys 文件内,将第二段内容,复制到144机器上的 authorized_keys 文件内"

Linux-144:~ # cat ~/.ssh/authorized_keys

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMOdv/YkDbYwHRCo0ddj5IqiwLsLY8GkDUTh4yq9ypsyeIzcZvdrLWZ0ZJfFGdtX0RqeYOzbRyWbJZFGt64dZABoVedk429/fT92d1WoKMEfzek9u5uzxQIVKjJe5VaHj04ZW+snY2tsSJrKsCEe+NwaqrjnmU0I7fgSVXJgAiLwIp3yWMqj3nrV58FONaxcwzEkQ6o3Fz3jyqeXdy4vo/FoyT/dMBj4UK0xwKz3fy5h3k9Aarl7FjS3mBv7Tn0Q/zAGRJVSRc/M24tXiaqhBnh9MWxdZdxAwN76MaOOF0AcCE8oEHflZGByWwT7mQrnKP8ADerJqoE2BYpRhMHZvj root@Linux-144

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqQQdDVXdaKvWSNucbOv69V4GKeU8Yi9A+9oDsWCgvN/BSVTATAHSxRNE5JSy+jnwb3EDqpDHxTuFgbLp6I91J4vc4Cj3ek75TbsFsrKmk3aIJF6DxCLzY0t9rySbeO7wCW8PffgtUSgtwrjL9m/ipqMmTjQsPRLoo8TCIYrnfvA/HJklS7gPXrWFquf0iaDjMMZpPhGkEU0wcHFbh4V73g4TsIpQ/fjnZfLmSxKN1UnNf8OGgf/Cq8kB7x3W3eduK9sZt28d2IwcPLXOvfbquZV98O8jonV2MOIYdIbKZiKa/fMeExhEO1LrvdnZINeSHNbXqIVhdRnbM9i5Sm+OZ root@Linux-145
  • 此时,我们在145机器上,通过ssh远程访问144机器来测试
Linux-145:~ # ssh root@192.168.72.144

Last login: Tue Jan 19 07:06:44 2021 from 192.168.72.145

Linux-144:~ # ssh root@192.168.72.145

Last login: Tue Jan 19 06:55:00 2021 from 192.168.72.144

Linux-145:~ # ssh root@192.168.72.144

Last login: Tue Jan 19 07:10:20 2021 from 192.168.72.145

Linux-144:~ # ssh root@192.168.72.145

Last login: Tue Jan 19 07:10:30 2021 from 192.168.72.144

Linux-145:~ # ssh root@192.168.72.144

Last login: Tue Jan 19 07:10:42 2021 from 192.168.72.145

Linux-144:~ # ssh root@192.168.72.145

Last login: Tue Jan 19 07:10:46 2021 from 192.168.72.144
  • 这个时候,我们就可以看到,两台主机之间,已经可以双向畅通无阻的访问彼此的内心了

3、谢幕

  • 彼此间的交心,需要双向奔赴,只是其中一方赤露敞开,依旧无法解决问题
  • 然而人却无法像机器一样这么单纯,人类似乎就是一个矛盾体越神秘的,越好奇越容易得到的,越不珍惜
  • 人类情感太复杂了,还是和机器过一辈子吧,毕竟机器不会骗人昂昂昂~~~

Linux爱情故事之如何以不一样的姿势(ssh)进入她的心的更多相关文章

  1. Java面试题总结之数据结构、算法和计算机基础(刘小牛和丝音的爱情故事1)

      Java面试题总结之数据结构.算法和计算机基础(刘小牛和丝音的爱情故事1)​mp.weixin.qq.com 全文字数: 1703 阅读时间: 大约6 分钟 刘小牛是一名Java程序员,由于天天9 ...

  2. 操作系统Unix、Windows、Mac OS、Linux的故事

    电脑,计算机已经成为我们生活中必不可少的一部分.无论是大型的超级计算机,还是手机般小巧的终端设备,都跑着一个操作系统.正是这些操作系统,让那些硬件和芯片得意组合起来,让那些软件得以运行,让我们的世界在 ...

  3. jQuery Mobile_简单的爱情故事

    <!doctype html> <html> <head> <meta charset="utf-8"> <meta name ...

  4. Unix、Windows、Mac OS、Linux系统故事

    我们熟知的操作系统大概都是windows系列,近年来Apple的成功,让MacOS也逐渐走进普通用户.在服务器领域,恐怕Linux是无人不知无人不晓.他们都是操作系统,也在自己的领域里独领风骚.这都还 ...

  5. [转]操作系统Unix、Windows、Mac OS、Linux的故事

    [写得很江湖气,可惜找不到原作者了] 文章转自:http://blog.csdn.net/wenmingchan/article/details/49925379 http://www.jb51.ne ...

  6. 【转】操作系统Unix、Windows、Mac OS、Linux的故事

    电脑,计算机已经成为我们生活中必不可少的一部分.无论是大型的超级计算机,还是手机般小巧的终端设备,都跑着一个操作系统.正是这些操作系统,让那些硬件和芯片得意组合起来,让那些软件得以运行,让我们的世界在 ...

  7. 用Python讲述冯绍峰和赵丽颖的爱情故事

    昨天刷头条时得知赵丽颖当妈妈了.作为一名程序员突发奇想,不如用Python简单叙述一下冯绍峰和赵丽颖的爱情故事,于是有了本文. 代码十分简单,适合编程小白和有一些Python基础的准程序员,其中用到了 ...

  8. 《Linux就该这么学》培训笔记_ch09_使用ssh服务管理远程主机

    <Linux就该这么学>培训笔记_ch09_使用ssh服务管理远程主机 文章最后会post上书本的笔记照片. 文章主要内容: 配置网络服务 远程控制服务 不间断会话服务 书本笔记 配置网络 ...

  9. C语言与linux的故事

    声明:本文是作者读完http://www.aqee.net/proof-that-linux-is-always-number-1/这篇文章后的随想. 凌晨2点,电脑前,程序员还在不断修改着自己的代码 ...

随机推荐

  1. kafka学习笔记(五)kafka的请求处理模块

    概述 现在介绍学习一下kafka的请求处理模块,请求处理模块就是网络请求处理和api处理,这是kafka无论是对客户端还是集群内部都是非常重要的模块.现在我们对他进行源码深入探讨.当我们说到 Kafk ...

  2. echarts-gl初体验:使用echarts-gl实现3D地球

    首先我们要下载引入echarts.js和echarts-gl.js 有需要的自己拿资源哈 链接:https://pan.baidu.com/s/1J7U79ey-2ZN4pjb7RTarjg 提取码: ...

  3. 【Java】System类时间戳

    System类中获取时间戳 long time = System.currentTimeMillis(); //返回当前时间与1970年1月1日0时0分0秒之间以毫秒为单位的时间差称为时间戳 Syst ...

  4. Java对象内存模型

    2 Java对象内存模型 在HotSpot虚拟机中,对象在内存中存储的布局可以分为3块区域:对象头(Header). 实例数据(Instance Data)和对齐填充(Padding). 在 JVM ...

  5. PCx安装使用

    PCx安装使用 注意:不要到Mittleman的网页下给的那个网站去下载,版本太老,只能在REDHAT操作系统上编译,且不能运行 mkdir PCx cd PCx/ git clone https:/ ...

  6. jsp标签 formatNumber、formatDate、parseNumber、parseDate的使用

    引用本文的有关标签需要引用对应的标签库 <%--引入格式化动作标签库--%> <%@taglib prefix="fmt" uri="http://ja ...

  7. 【重构前端知识体系之HTML】讲讲对HTML5的一大特性——语义化的理解

    [重构前端知识体系之HTML]讲讲对HTML5的一大特性--语义化的理解 引言 在讲什么是语义化之前,先看看语义化的背景. 在之前的文章中提到HTML最重要的特性,那就是标签.但是项目一大,标签多的看 ...

  8. luis使用手册

    Luis聊天机器人的使用 首先打开luis官网 图5.1  luis官网界面 图5.2  app应用管理界面 界面显示现有应用,显示它们的名称,语言,日期,以及使用次数.点击创建一个新的app应用. ...

  9. linux单用户模式修改密码与系统启动级别

    目录 一:系统启动级别 二:单用户模式修改密码 一:系统启动级别 系统启动级别: 0 关机 1 单用户模式(无法通过xshell方式使用)(虚拟机操作)(系统云服务商后台) 2 多用户无网络模式 3 ...

  10. 学习JAVAWEB第四天

    # 今日内容 1. JDBC基本概念 2. 快速入门 3. 对JDBC中各个接口和类详解 ## JDBC: 1. 概念:Java DataBase Connectivity Java 数据库连接, J ...