SSH 爲 Secure Shell 的縮寫,SSH 爲建立在應用層基礎上的安全協議。SSH 是目前較可靠,專爲遠程登錄會話和其他網絡服務提供安全性的協議。利用 SSH 協議可以有效防止遠程管理過程中的信息泄露問題。
1、ssh安全的加密協議,用於遠程連接服務器。
2、默認端口22,安全協議版本ssh2.
3、服務端包含兩個服務功能:ssh遠程連接;SFTP服務。
4、ssh客戶端半酣ssh連接命令,以及遠程拷貝scp命令等。
-
利用ssh遠程登陸另一臺機器:
[root@ycz-computer ~]# ssh -p port [email protected]
-p(小寫)接端口,ssh默認端口22;[root@ycz-computer ~]# ssh -p 22 [email protected] The authenticity of host '192.168.146.143 (192.168.146.143)' can't be established. ECDSA key fingerprint is da:71:20:ad:03:53:ac:b7:ed:a8:ca:2d:d1:93:2e:25. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '192.168.146.143' (ECDSA) to the list of known hosts. [email protected]'s password: Last login: Sun Jun 3 19:41:12 2018 welcome to yczcomputer!!! [chunzi@ycz-computer ~]$ - 退出ssh之後本地家目錄出現認證口令:
[chunzi@ycz-computer ~]$ logout Connection to 192.168.146.143 closed. [root@ycz-computer ~]# ls -l ~/.ssh total 4 -rw-r--r--. 1 root root 177 Jun 3 19:42 known_hosts [root@ycz-computer ~]# cat ~/.ssh/known_hosts 192.168.146.143ecdsa-sha2-nistp256AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBBwvK+r3suNV22luTg392mzjomP6P1ACFcNtqOcDtZKmvV5W9ulQBxb9OZXBNePoIs9OmDnuqZ9odVhGrVMaOxY= -
ssh遠程連接直接執行命令:
[root@ycz-computer ~]# ssh -p22 [email protected] /usr/bin/free -m #全路徑 [email protected]'s password: total used free shared buff/cache available Mem: 1823 112 1550 8 161 1536 Swap: 4095 0 4095 [root@ycz-computer ~]# - scp命令的使用:
將本地/lab/data/scp.txt拷貝到192.168.146.143機器chunzi用戶下/lab目錄下 [root@ycz-computer lab]# scp -P22 /lab/data/scp.txt [email protected]:/lab [email protected]'s password: scp.txt 100% 0 0.0KB/s 00:00 - 查看結果:
[root@ycz-computer /]# cd lab [root@ycz-computer lab]# ll scp.txt -rw-r--r--. 1 chunzi chunzi 0 Jun 4 11:38 scp.txt [root@ycz-computer lab]#注意:遠端/lab目錄需要有其他用戶rwx權限才能成功。
- 將遠端/lab/scp.txt文件拷貝到本地當前目錄。
[root@ycz-computer lab]# scp -P22 [email protected]:/lab/scp2.txt ./ [email protected]'s password: scp2.txt 100% 0 0.0KB/s 00:00 [root@ycz-computer lab]# ll scp2.txt -rw-r--r--. 1 root root 0 Jun 4 11:48 scp2.txt [root@ycz-computer lab]#ssh -p 小寫 scp -P 大寫 拷貝目錄加參數-r
[root@ycz-computer ~]# scp -P22 -r [email protected]:/lab/shiyan/ ./ [email protected]'s password: c2 100% 26 0.0KB/s 00:00 c.sh 100% 16 0.0KB/s 00:00 hhhh 100% 0 0.0KB/s 00:00 yangchunzi 100% 11 0.0KB/s 00:00 time.sh 100% 31 0.0KB/s 00:00 b 100% 55 0.1KB/s 00:00 xin.py 100% 301 0.3KB/s 00:00 1.py 100% 183 0.2KB/s 00:00 [root@ycz-computer ~]# ls anaconda-ks.cfg services_2018-05-14-16.tar.gz mbr.bin shiyan - ssh服務服務附帶的sftp服務功能: get下載 put上傳
[root@ycz-computer ~]# sftp -o port=22 [email protected] [email protected]'s password: Connected to 192.168.146.143. sftp> put ./shiyan/1.py #將./shiyan/目錄下1.py文件上傳到遠端家目錄 Uploading ./shiyan/1.py to /home/chunzi/1.py ./shiyan/1.py 100% 183 0.2KB/s 00:00 [chunzi@ycz-computer ~]$ ls #驗證 1.py a b sftp> get a #將遠端家目錄下面的文件a下載到本地 Fetching /home/chunzi/a to a sftp> ^D [root@ycz-computer ~]# ll a #驗證 -rw-r--r--. 1 root root 0 Jun 4 16:20 a注意:
Uploading ./shiyan/1.py to /home/chunzi/1.py
remote open("/home/chunzi/1.py"): Permission denied
若出現這種問題,則說明遠端家目錄沒有寫w的權限。默認/tmp目錄有權限。可以將文件上傳至遠端/tmp目錄下之後在經行操作。如果想直接上傳至遠端家目錄,需要增加/home/user寫w的權限。 - sftp與windows本地上傳下載:
![Linux的SSH服務初學]()
sftp> put "E:\wind.txt" #將windows本地E盤文件上傳Linux家目錄,路徑雙引號 Uploading wind.txt to /root/wind.txt 100% 0 bytes 0 bytes/s 00:00:00 [root@ycz-computer ~]# ll wind.txt #驗證 -rw-r--r--. 1 root root 0 Jun 4 16:58 wind.txt sftp> get a.txt #將Linux家目錄文件a.txt下載到windows本地 Downloading a.txt from /root/a.txt 100% 0 bytes 0 bytes/s 00:00:00![Linux的SSH服務初學]()
