Shulou(Shulou.com)06/01 Report--

# Unit 9 #

Key Certification of 1.ssh

# generate key#

[test@foundation0 ~] $ssh-keygen # tools for generating public and private keys

Generating public/private rsa key pair.

Enter file in which to save the key (/ home/test/.ssh/id_rsa): "enter" # specifies that encrypted characters save the file, using the default

Created directory'/ home/test/.ssh'.

Enter passphrase (empty for no passphrase): # password, which must be greater than 4 digits

Enter same passphrase again:

Your identification has been saved in / home/test/.ssh/id_rsa.

Your public key has been saved in / home/test/.ssh/id_rsa.pub.

The key fingerprint is: # confirm password

A5:4f:02:51:68:59:f4:e8:e3:c5:91:1f:6f:86:99:06 test@foundation0.ilt.example.com

The key's randomart p_w_picpath is:

+-[RSA 2048]-+

|. * + |

| +. O. | |

|. . E. | |

| | o + * |

| | S + * + |

|. *. O |

|. . | |

| | |

| | |

+-+

[test@foundation0 .ssh] $pwd

/ home/test/.ssh # location of generating key

[test@foundation0 .ssh] $ls

Id_rsa id_rsa.pub # id_ RSA bit private key, id_ rsa.pubbit public key

# encrypt the target user of the target host using key #

[test@foundation0] $ssh-copy-id-I / home/test/.ssh/id_rsa.pub westos@172.25.254.100

The authenticity of host '172.25.254.100 (172.25.254.100)' can't be established.

ECDSA key fingerprint is eb:24:0e:07:96:26:b1:04:c2:37:0c:78:2d:bc:b0:08.

Are you sure you want to continue connecting (yes/no)? Yes

/ bin/ssh-copy-id: INFO: attempting to log in with the new key (s), to filter out any that are already installed

/ bin/ssh-copy-id: INFO: 1 key (s) remain to be installed-- if you are prompted now it is to install the new keys

Westos@172.25.254.100's password:

Number of key (s) added: 1

Now try logging into the machine, with: "ssh 'westos@172.25.254.100'"

And check to make sure that only the key (s) you wanted were added.

Ssh-copy-id # tools for uploading key

-I # specify the public key to use

/ home/test/.ssh/id_rsa.pub # use the name of the public key

Westos # managed target users

172.25.254.100 # ip of the host where the managed user resides

Authorized_keys### this file is in the .ssh of the directory added by the target user, and this file is the encrypted identity of the target user, and the contents of the file bit the public key content.

Simple configuration of 2.sshd services

Vim / etc/ssh/sshd_config # configuration file for sshd service

48 PermitRootLogin yes | no # whether to allow root users to pass sshd authentication

78 PasswordAuthentication yes | no # enable or disable user password authentication

AllowUsers student westos # user whitelist, only users who appear in the list are allowed to use sshd service

Systemctl restart sshd # reload the configuration

3. Control of system services

1) systemd

System initialization program, the first process that the system starts, pid is 1

2) systemctl command

Systemctl list-units # # list the status of current system services

Systemctl list-unit-files # # list the startup status of the service

Systemctl status sshd # # View the status of the specified service

Systemctl stop sshd # # disable the specified service

Systemctl start sshd # # enable the specified service

Systemctl enable sshd # # set the specified service to power on

Systemctl disable sshd # # set the specified service to power on and off

Systemctl reload sshd # # is to reload the configuration of the service

Systemctl list-dependencies sshd # # View the dependencies of the specified service

Systemctl mask sshd # # freeze specified services

Sustemctl unmask sshd # # enable services

3) Service status

Systemctl status service name

Loaded # # system service has been initialized and the configuration has been loaded

Active (running) # # service is being utilized by the system

The active (exited) # # service has loaded the configuration, waiting to be utilized by the system

Active (waiting) # # Service waiting to be processed by the system

Inactive # # Service shutdown

Enabled # # Service Startup

Disabled # # Service does not start automatically

Static # # Service boot entry cannot be managed

Failed # # system configuration error

4.openssh-server

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.