Linux快速入门(八)效率工具(SSH)

环境

（1）Kali(源主机)，IP：10.211.55.4/24

（2）Ubuntu(目标主机)，IP：10.211.55.5/24

SSH

OpenSSH用于在远程系统上安全的运行Shell，假设现在需要在Kali机器上通过root用户远程登陆另一台机器Ubuntu，那么就可以使用SSH服务，但是使用SSH登录每次都需要输入密码，为了节省时间，可以配置SSH免密登陆。这样Kali这台机器就可以通过SSH直接登陆到Ubuntu。

SSH免密登陆

主机连通性

首先使用ping命令确保两台主机的连通性。

┌──(root㉿kali-linux-2022-2)-[~]
└─# ping 10.211.55.5
PING 10.211.55.5 (10.211.55.5) 56(84) bytes of data.
64 bytes from 10.211.55.5: icmp_seq=1 ttl=64 time=0.928 ms
64 bytes from 10.211.55.5: icmp_seq=2 ttl=64 time=0.818 ms
64 bytes from 10.211.55.5: icmp_seq=3 ttl=64 time=0.832 ms
^C
--- 10.211.55.5 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2050ms
rtt min/avg/max/mdev = 0.818/0.859/0.928/0.048 ms

创建配置文件

在Kali虚拟机虚拟机下创建SSH配置文件~/.ssh/config，先使用mkdir .ssh创建.ssh文件夹，然后进入.ssh文件夹通过touch config命令创建config文件，并在文件中配置以下按照格式配置以下信息：

Host 目标主机的别名
HostName 目标主机的IP或者域名
User 登陆目标主机使用的用户名

在Kali上配置如下：

┌──(root㉿kali-linux-2022-2)-[~]
└─# cat ~/.ssh/config
Host ubuntu
HostName 10.211.55.5
User parallels

创建密钥

使用ssh-keygen命令创建密钥，所有的配置默认即可。

┌──(root㉿kali-linux-2022-2)-[~]
└─# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:b/TY2e8TfhNTQu+lx+cnstlRZAeKEICVgKyGc2DeWy8 root@kali-linux-2022-2
The key's randomart image is:
+---[RSA 3072]----+
| . ..+ooo.    .  |
|..o . .  . . ... |
|+o.       . .. .+|
|+o.. .        .o=|
|.o  o . S .    =+|
|   . E . o + o.==|
|      .   + + +o=|
|         .  .o.*+|
|            oo.oB|
+----[SHA256]-----+

创建完成之后，可以在.ssh文件下看到多出了两个文件：id_rsa和id_rsa.pub，id_rsa是私钥，

id_rsa.pub是公钥。

┌──(root㉿kali-linux-2022-2)-[~]
└─# ls .ssh
config  id_rsa  id_rsa.pub

发送公钥

现在只要将公钥传给你需要登录的主机即可，在这里就是将公钥传给ubuntu虚拟机，可以直接使用ssh-copy-id ubuntu将密钥传过去，这里的ubuntu就是之前在config文件里设置的别名。这里只需要输入一次parallels用户登陆ubuntu时使用的密码，也就是在config文件里设置的用户名对应的密码。

┌──(root㉿kali-linux-2022-2)-[~/.ssh]
└─# ssh-copy-id ubuntu
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '10.211.55.5 (10.211.55.5)' can't be established.
ED25519 key fingerprint is SHA256:lN78YGD118UAp/ZmzrtWnrqicHaFkJbs5pIZfTH06b0.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
parallels@10.211.55.5's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'ubuntu'"
and check to make sure that only the key(s) you wanted were added.

第一次与陌生的主机建立连接之后会自动创建.ssh/know_hosts文件，这个文件中记录的是连接过的主机的信息

登录测试

完成上述步骤之后，通过ssh 主机别名的方式就可以实现免密登陆，退出时直接使用exit就可以退出。

┌──(root㉿kali-linux-2022-2)-[~/.ssh]
└─# ssh ubuntu
Welcome to Ubuntu 22.04 LTS (GNU/Linux 5.15.0-41-generic aarch64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

This system has been minimized by removing packages and content that are
not required on a system that users do not log into.

To restore this content, you can run the 'unminimize' command.

129 updates can be applied immediately.
32 of these updates are standard security updates.
To see these additional updates run: apt list --upgradable

Last login: Mon Aug 29 22:20:01 2022 from 10.211.55.4
parallels@ubuntu:~$
parallels@ubuntu:~$ exit
logout
Connection to 10.211.55.5 closed.

ssh和sshd

ssh是OpenSSH的服务端，sshd是OpenSSH的客户端。

配置文件

有关SSH的配置文件在/etc/ssh目录下

┌──(root㉿kali-linux-2022-2)-[~/.ssh]
└─# cd /etc/ssh 

┌──(root㉿kali-linux-2022-2)-[/etc/ssh]
└─# ls
moduli        sshd_config.d           ssh_host_ed25519_key.pub
ssh_config    ssh_host_ecdsa_key      ssh_host_rsa_key
ssh_config.d  ssh_host_ecdsa_key.pub  ssh_host_rsa_key.pub
sshd_config   ssh_host_ed25519_key

其中，ssh_config的配置是针对ssh的，sshd_config的配置是针对sshd的，这两个文件根据当前机器是用作客户端还是服务端对应修改的，配置文件中的具体内容在后面用到时再详解解释。

root用户远程登录

root用户默认是不允许远程登录的，如果想要开启root用户远程登录，需要在ubuntu上找到/etc/ssh中的配置文件sshd_config，然后将这个文件的权限改为读写：

parallels@ubuntu:~$ cd /etc/ssh/
parallels@ubuntu:/etc/ssh$ sudo chmod 666 sshd_config

接着在这个文件末尾添加PermitRootLogin yes，最后使用service ssh restart命令重启SSH服务。

这时，在Kali上，将~/.ssh/config中的User改为root：

Host ubuntu
HostName 10.211.55.5
User root

通过ssh-copy-id ubuntu将密钥传过去：

┌──(root㉿kali-linux-2022-2)-[~]
└─# ssh-copy-id ubuntu
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@10.211.55.5's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'ubuntu'"
and check to make sure that only the key(s) you wanted were added.

这样就可以实现root用户的免密登录：

┌──(root㉿kali-linux-2022-2)-[~]
└─# ssh ubuntu
Welcome to Ubuntu 22.04 LTS (GNU/Linux 5.15.0-41-generic aarch64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

This system has been minimized by removing packages and content that are
not required on a system that users do not log into.

To restore this content, you can run the 'unminimize' command.

129 updates can be applied immediately.
32 of these updates are standard security updates.
To see these additional updates run: apt list --upgradable

root@ubuntu:~# who am i
root     pts/1        2022-08-29 23:02 (10.211.55.4)
root@ubuntu:~# exit
logout
Connection to 10.211.55.5 closed.