指令之ssh

原创

zhujiangtao123 2014-03-10 16:36:07 博主文章分类：服务篇 ©著作权

©著作权归作者所有：来自51CTO博客作者zhujiangtao123的原创作品，谢绝转载，否则将追究法律责任

[root@localhost scripts]# ssh --help
usage: ssh [-1246AaCfgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]
           [-D [bind_address:]port] [-e escape_char] [-F configfile]
           [-i identity_file] [-L [bind_address:]port:host:hostport]
           [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]
           [-R [bind_address:]port:host:hostport] [-S ctl_path]
           [-W host:port] [-w local_tun[:remote_tun]]
           [user@]hostname [command]

1.查看ssh客户端的版本号

[test@ptestsrv1 ~]$ ssh -V
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008

2. -l ：指定登陆的用户名

[test@ptestsrv1 ~]$ ssh -l root 192.168.0.70
[test@ptestsrv1 ~]$ ssh root@192.168.0.70
[test@ptestsrv1 ~]$ ssh 192.168.0.70 #没指定用户的情况下。默认使用客户端的用户，在这是test

3.-p port ：指定远程主机开放的sshd的服务的端口，默认是22

[test@ptestsrv1 ~]$ ssh root@192.168.0.70 22
[test@ptestsrv1 ~]$ ssh root@192.168.0.70 -p 22

ssh免密码登陆：

1.生成密钥
[root@jiang ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
19:9e:20:ad:e4:4e:ac:dc:d9:1e:f7:cb:a9:a1:27:92 root@jiang
The key's randomart p_w_picpath is:
+--[ RSA 2048]----+
|                 |
|     .           |
|    o o .        |
|   + o o +       |
|    =   S        |
| . = o           |
|  o +.o o        |
|    E..+.+ .     |
|     .oo..=.     |
+-----------------+
2.
[root@jiang ~]# ll /root/.ssh/
总用量 16
-rw-r--r--. 1 root root 2366 4月   4 14:12 authorized_keys
-rw-------. 1 root root 1675 4月   4 14:34 id_rsa #生成的私钥
-rw-r--r--. 1 root root  392 4月   4 14:34 id_rsa.pub#生成的公钥
-rw-r--r--. 1 root root 1186 4月   4 14:32 known_hosts
3.
[root@jiang ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub 192.168.56.101 #该指令会把生成的公钥添加到远程主机192.168.56.101的家目录 .ssh/authorized_keys
文件中。
root@192.168.56.101's password:
Now try logging into the machine, with "ssh '192.168.56.101'", and check in:
  .ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
4.
[root@jiang ~]# ssh 192.168.56.101
Last login: Fri Apr  4 14:34:47 2014 from 192.168.56.102 #不用密码登陆成功。

ssh免密码登陆设置时应注意的几个问题：

[root@zhu ~]# ll -d /root/
drwxr-xr-x. 11 root root 4096 4月   4 14:17 /root/ #远程主机家目录的权限一定要是755
[root@zhu .ssh]# ll /root/.ssh/
总用量 16
-rw-------. 1 root root  392 4月   4 14:31 authorized_keys #该文件的权限一定要是600
-rw-------. 1 root root 1671 4月   4 13:34 id_rsa
-rw-r--r--. 1 root root  390 4月   4 13:34 id_rsa.pub
-rw-r--r--. 1 root root  396 4月   4 13:06 known_hosts