ssh的配置文件有两个:服务端:/etc/ssh/sshd_config
客户端:/etc/ssh_config
服务端配置文件:/etc/ssh/sshd_config
[root@localhost /]# vim /etc/ssh/sshd_config
Port #端口
ListenAddress 0.0.0.0 #监听的IP
Protocol #ssh版本
HostKey /etc/ssh/ssh_host_rsa_key #私钥保存位置
ServerKeyBits #私钥的位数
SyslogFacility AUTH #日志记录ssh登陆情况
LogLevel INFO #日志等级
GSSAPIAuthentication yes #GSSAPI认证开启
安装设定
PermitRootLogin yes #允许root用户ssh登陆
PubkeyAuthentication yes #是否使用公钥验证
AuthorizedKeysFile .ssh/authorized_keys #公钥的保存位置
PasswordAuthentication yes #允许使用密码验证登陆
PermitEmptyPasswords no #不允许空密码登陆
ssh命令
ssh远程管理
命令: ssh 用户名@目标IP
示例:
[root@localhost /]# ssh root@192.168.119.134
The authenticity of host '192.168.119.134 (192.168.119.134)' can't be established.
RSA key fingerprint is :6e:::e3:2e:1b:ea:::c8:db:d2::8b:8d.
Are you sure you want to continue connecting (yes/no)? y
Please type 'yes' or 'no': y
Please type 'yes' or 'no': yes
Warning: Permanently added '192.168.119.134' (RSA) to the list of known hosts.
root@192.168.119.134's password:
Last login: Wed Oct :: from 192.168.119.1
[root@localhost ~]# ifconfig | grep inet
inet addr:192.168.119.134 Bcast:192.168.119.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe6e:24e0/ Scope:Link
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::/ Scope:Host
scp远程复制
下载:
scp root@192.168.119.134:/root/text.txt
上传:
scp -r /root/123/ root@192.168.119.134:/root
sftp文件传输
sftp root@192.168.119.134
ls 查看服务器端数据
cd 切换服务器端目录
lls 查看本地数据
lcd 切换本地目录
get 下载
put 上传
密钥对登陆