In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-01-17 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >
Share
Shulou(Shulou.com)06/01 Report--
This article introduces the relevant knowledge of "how to configure SSH under the Linux system". In the operation of actual cases, many people will encounter such a dilemma, so let the editor lead you to learn how to deal with these situations. I hope you can read it carefully and be able to achieve something!
SSH is a toolkit used to replace TELNET, FTP and R commands, mainly to solve the problem of plaintext transmission of passwords on the Internet. For the sake of system security and users' own rights and interests, it is necessary to promote SSH. There are two versions of SSH, and we are introducing version 2.
First, install SSH
The specific steps are as follows:
(ftp://ftp.pku.edu.cn:/pub/unix/ssh-2.3.0.tar.gz)
Become superuser (root).
# gzip-cd ssh-2.3.0.tar.gz | tar xvf-
# cd ssh-2.3.0
#. / configure
Note that if you want to use tcp_wrappers to control SSH, you need to add the option "--with-libwrap=/path/to/libwrap/" to configure to tell SSH about the location of libwrap.an and tcpd.h.
# make
# make install
Programs related to SSH are placed under / usr/local/bin, including ssh,sftp,sshd2, ssh-keygen, etc.
II. Configuration
The configuration file for SSH is under / etc/ssh3, which includes the host public and private keys of sshd2: hostkey and hostkey.pub. These two files are usually generated automatically when you install SSH. You can regenerate them with the following command:
# rm / etc/ssh3/hostkey*
# ssh-keygen2-P / etc/ssh3/hostkey
3. Start sshd2
Every system that wants to use SSH must run sshd2 in the background. Start by hand:
# / usr/local/bin/sshd2&
You can add this command to "/ etc/rc2.d/S99local" so that the system automatically starts sshd2 each time it starts.
4. Control SSH with tcp_wrappers
Sites that install SSH can use tcp_wrappers to restrict which IP addresses can be accessed through ssh.
Sshd,sshd2: 10.0.0.1
Then only 10.0.0.1 can access the host through ssh.
The above is the work done by the system administrator. Let's talk about how the average user uses SSH.
Each user completes the following steps before using SSH:
Generate your own ssh public and private keys on the local host (for example, local.pku.edu.cn). The command is as follows:
Local# ssh-keygen
Generating 1024-bit dsa key pair
1 oOo.oOo.o
Key generated.
1024-bit dsa, teng@ns, Fri Oct 20 2000 17:27:05
Passphrase: * / * enter your password here for future access to this host.
Again: * / *
Private key saved to / home1/teng/.ssh3/id_dsa_1024_a
Public key saved to / home1/teng/.ssh3/id_dsa_1024_a.pub
The generated private and public keys (id_dsa_1024_a and id_dsa_1024_a.pub) are stored in the ~ / .ssh3 directory of your directory. The SSH configuration files related to the user are all under ~ / .ssh3. The private key is saved by the user on the local host, while the public key needs to be transferred to the remote host under your own account ~ / .ssh3, if you want to use ssh3 to access the local host.
Create a "identification" file under ~ / .ssh3 to describe the private key for authentication. The command is as follows:
Local:~/.ssh3# echo "IdKey id_dsa_1024_a" > identification
3. Similarly, complete the above steps on a remote host (for example, remote.pku.edu.cn).
4. Copy the public key (id_dsa_1024_a.pub) of yourself (here is "teng") under the local (local.pku.edu.cn) to the .ssh3 directory under your own home directory on the remote host (remote.pku.edu.cn). You can name it "local.pub" and upload it with ftp.
On the remote host, under the .ssh3 directory of your own home directory, create a "authorization" file that specifies the public key file to be used for authentication. The command is as follows:
Remote:~/.ssh3# echo "Key local.pub" > authorization
Now you can log in to the remote system locally using ssh3. The command is as follows:
Local# ssh remote.pku.edu.cn
Passphrase for key "/ home1/teng/.ssh3/id_dsa_1024_a" with comment "1024-bit dsa
You will be asked to enter your ssh password (Passphrase). Once the verification is passed, log in to the remote host.
This is the end of the introduction of "how to configure SSH under the Linux system". Thank you for reading. If you want to know more about the industry, you can follow the website, the editor will output more high-quality practical articles for you!
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.