Shulou(Shulou.com)06/01 Report--

In this issue, the editor will bring you about how to configure openSSH in the Linux system. The article is rich in content and analyzes and narrates it from a professional point of view. I hope you can get something after reading this article.

When you look at the name openSSH, you will surely think that OpenSSH must have something to do with SSH. OpenSSH is an open source implementation of the SSH protocol that encrypts data during remote control and file transfer.

Brief introduction of OpenSSH server: in Linux system, OpenSSH is the most popular remote system login and file transfer application, and it is also the replacement product of traditional Telenet, FTP and R series network applications.

Among them, ssh (Secure Shell) can replace telnet, rlogin and rsh,scp (Secure Copy) and sftp (Secure FTP) instead of ftp.

OpenSSH encrypts the data in the way of key to ensure the security of data transmission. Before the formal transmission of data, the two sides should first exchange keys, and then use the key and the corresponding program to decrypt the data when they receive each other's data. This encrypted data transmission helps to prevent illegal users from obtaining data information.

OpenSSH generates public and private keys randomly. The key usually needs to be generated only once and can be remade if necessary.

Configuration 2. Configuring OpenSSH server OpenSSH is an open source software project to implement SSH protocol, which is suitable for all kinds of UNIX and Linux operating systems.

The CentOS 7 system has openssh-related software packages installed by default and the sshd service has been added as self-booting. (the service name of openssh is sshd)

Execute the "systemctl start sshd" command to start the sshd service

The sshd service uses port 22 of TCP by default.

The default configuration file for the sshd service is / etc/ssh/sshd_config

Both ssh_config and sshd_config are configuration files for ssh servers. The difference between them is that the former is a configuration file for the client, while the latter is a configuration file for the server.

1. Common options of sshd_config configuration file: set vim / etc/ssh/sshd_config Port 22 # listening port to 22 ListenAddress 0.0.0.0 # listening address to any network segment You can also specify that the specific IP LoginGraceTime 2m # login authentication time of the OpenSSH server is 2 minutes PermitRootLogin no # prohibit root users from logging in to MaxAuthTries 6 # maximum number of retries is 6 PermitEmptyPasswords no # prohibit empty password users from logging in UseDNS no # disable DNS reverse resolution to improve the response speed of the server 12345678910

2. AllowUsers and DenyUsers only allow users to log in, and a user can only log in remotely from a specified IP address example: AllowUsers zhangsan lisi wangwu@192.168.132.20 # multiple users disable some user logins separated by spaces, similar to AllowUsers (be careful not to use at the same time) example: DenyUsers zhangsan 12345

3. Test on the client

4. Scp remote replication downstream replication: copy the / etc/passwd file of the remote host to the local scp root@192.168.132.20:/etc/passwd / root/passwd10.txt uplink replication: copy the local / etc/ssh directory to the remote host scp-r / etc/passwd/ root@192.168.132.20:/opt 12345

5. Sftp security FTP uses encryption / decryption technology, so the transmission efficiency is lower than the ordinary FTP, but the security is higher. The operation syntax sftp is almost the same as ftp. 1 sftp root@192.168.184.20 sftp > ls sftp > get file name # download file to ftp directory sftp > put file name # upload file to ftp directory sftp > quit # quit 12345 download experiment upload experiment

OpenSSH is an open source software project that implements SSH protocol, which is suitable for all kinds of UNIX and Linux operating systems.

The CentOS 7 system has openssh-related software packages installed by default and the sshd service has been added as self-booting. (the service name of openssh is sshd)

Execute the "systemctl start sshd" command to start the sshd service

The sshd service uses port 22 of TCP by default.

The default configuration file for the sshd service is / etc/ssh/sshd_config

Both ssh_config and sshd_config are configuration files for ssh servers. The difference between them is that the former is a configuration file for the client, while the latter is a configuration file for the server.

1. Common options of sshd_config configuration file: set vim / etc/ssh/sshd_config Port 22 # listening port to 22 ListenAddress 0.0.0.0 # listening address to any network segment You can also specify that the specific IP LoginGraceTime 2m # login authentication time of the OpenSSH server is 2 minutes PermitRootLogin no # prohibit root users from logging in to MaxAuthTries 6 # maximum number of retries is 6 PermitEmptyPasswords no # prohibit empty password users from logging in UseDNS no # disable DNS reverse resolution to improve the response speed of the server 12345678910

2. AllowUsers and DenyUsers only allow users to log in, and a user can only log in remotely from a specified IP address example: AllowUsers zhangsan lisi wangwu@192.168.132.20 # multiple users disable some user logins separated by spaces, similar to AllowUsers (be careful not to use at the same time) example: DenyUsers zhangsan 12345

3. Test on the client

4. Scp remote replication downstream replication: copy the / etc/passwd file of the remote host to the local scp root@192.168.132.20:/etc/passwd / root/passwd10.txt uplink replication: copy the local / etc/ssh directory to the remote host scp-r / etc/passwd/ root@192.168.132.20:/opt 12345

5. Sftp security FTP uses encryption / decryption technology, so the transmission efficiency is lower than the ordinary FTP, but the security is higher. The operation syntax sftp is almost the same as ftp. 1 sftp root@192.168.184.20 sftp > ls sftp > get file name # download file to ftp directory sftp > put file name # upload file to ftp directory sftp > quit # quit 12345 download experiment upload experiment

The above is the editor for you to share how to configure openSSH in the Linux system, if you happen to have similar doubts, you might as well refer to the above analysis to understand. If you want to know more about it, you are welcome to follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.