In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-04 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >
Share
Shulou(Shulou.com)06/01 Report--
This article mainly shows you "what are the common problems when connecting to SSH services in Linux?" the content is simple and clear. I hope it can help you solve your doubts. Let me lead you to study and learn what are the common problems when connecting to SSH services in Linux.
What is SSH?
The English full name of SSH is Secure SHell. By using SSH, you can encrypt all transmitted data, making man-in-the-middle attacks impossible and preventing DNS and IP spoofing. Another extra benefit is that the transmitted data is compressed, so the speed of transmission can be accelerated. SSH has many functions. It can not only replace telnet, but also provide a secure "channel" for ftp, pop, and even ppp. When the SSH client communicates with the server, the user name and password are encrypted, which effectively prevents the eavesdropping of the password. SSH was originally developed by a Finnish company. However, due to the limitations of copyright and encryption algorithms, many people now switch to OpenSSH. OpenSSH is an alternative to SSH and is free, and it can be expected that more and more people will use it instead of SSH in the future. SSH is composed of client-side and server-side software. SSH is easy to install, easy to use, and relatively common. General Unix systems, Linux systems, and FreeBSD systems all come with application packages that support SSH.
How does SSH's security verification work?
From the client side, SSH provides two levels of security authentication.
The first level (password-based security authentication) allows you to log in to the remote host as long as you know your account number and password. All transmitted data will be encrypted, but there is no guarantee that the server you are connecting to is the server you want to connect to. There may be other servers pretending to be real servers, that is, being attacked by "middlemen".
The second level (key-based security authentication) relies on keys, that is, you must create a pair of keys for yourself and place the public keys on the server you need to access. If you want to connect to the SSH server, the client software will send a request to the server for security authentication with your key. After the server receives the request, first look for your public key in the server's home directory, and then compare it with the public key you sent. If the two keys match, the server encrypts the "challenge" with the public key and sends it to the client software. After receiving the challenge, the client software can decrypt it with your private key and send it to the server.
In this way, you must know the password of your key. However, compared with the first level, the second level does not need to transmit passwords on the network.
The second level not only encrypts all transmitted data, but also the "man in the middle" attack is impossible (because he doesn't have your private key). But the entire login process may take 10 seconds.
Format of the command
First, make sure that the ssh service on the server side is on (service shhd start)
Then enter: ssh usrname@serverip (remote login) on the client side
Scp filename usrname@serverip:/URL (remote transmission)
Common problems:
Question one
Failed to link port when ssh logged in
Tip (1):
# ssh 172.16.81.221
Ssh: connect to host 172.16.81.221 port 22: No route to host
This is because the server is not powered on or the network is not connected (there are many reasons, the simplest one is that the network cable is not plugged in. In addition, it may be the network card down, etc.)
Tip (2):
# ssh work@172.16.81.221
Ssh: connect to host 172.16.81.221 port 22: Connection refused
This is because the ssh service of the other party's server is not turned on. Just start the service on this server.
Question 2.
The password is correct when ssh goes to server, but the following information is reported:
# ssh 172.16.81.221
Root@172.16.81.221's password:
Permission denied, please try again.
This is because if the user name is not entered, the default is the root user, but the ssh service does not have the ssh permission of the root user by default during the security period.
Solution:
To modify the ssh permissions of root, that is, to modify the / etc/ssh/sshd_config file
Change PermitRootLogin no to PermitRootLogin yes
Question three
The following prompt appears when logging in:
Ssh root@172.16.81.221
@ @ @
WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@ @ @
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
76:fb:b3:70:14:48:19:d6:29:f9:ba:42:46:be:fb:77.
Please contact your system administrator.
Add correct host key in / home/fante/.ssh/known_hosts to get rid of this
Message.
Offending key in / home/fante/.ssh/known_hosts:68
RSA host key for 172.16.81.221 has changed and you have requested strict checking.
Host key verification failed.
When the server password or other changes occur. Generally speaking, the solution is to delete the corresponding line of ~ / .ssh/known_hosts, and then log in.
These are all the contents of the article "what are the common problems when connecting to SSH services in Linux?" Thank you for reading! I believe we all have a certain understanding, hope to share the content to help you, if you want to learn more knowledge, welcome to follow the industry information channel!
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.