Shulou(Shulou.com)06/01 Report--

This article mainly introduces how to customize SSH in Linux to simplify remote access, which has a certain reference value. Interested friends can refer to it. I hope you will learn a lot after reading this article.

SSH uses system global and user-specified (user-defined) profiles. In this article, we will show you how to create a custom ssh configuration file and connect to a remote host with specific options.

SSH (SSH client) is a program that accesses a remote host and enables the user to execute commands on the remote host. This is one of the most popular ways to log in to a remote host because it is designed to provide secure encryption for the communication between two untrusted hosts in an insecure network environment.

SSH uses system global and user-specified (user-defined) profiles. In this article, we will show you how to create a custom ssh configuration file and connect to a remote host with specific options.

Prerequisites:

1. You must install the OpenSSH client on your desktop Linux.

two。 Learn about common options for remote connections through ssh.

SSH client profile

The following is the ssh client profile:

1./etc/ssh/ssh_config is the default profile, belongs to the system global profile, and contains settings for ssh clients that apply to all users.

2.~/.ssh/config or $HOME/.ssh/config specifies / customizes the configuration file for the user, and the configuration in this file is valid only for the specified user, so it overrides the settings in the default system global configuration file. This is also the file we want to create and use.

By default, users get authentication by entering a password in ssh, and you can use Keygen to set ssh password-less login in a simple step.

Note: if the ~ / .ssh directory does not exist on your system, create it manually and set the following permissions:

$mkdir-p ~ / .ssh $chmod 0700 ~ / .ssh

The above chmod command indicates that only the directory owner has read, write, and execute permissions on the directory, which is also a setting required by ssh.

How to create a user-specified SSH profile

The file is not created by default, so you need to use a user with read / write permissions to create it.

$touch ~ / .ssh/config $chmod 0700 ~ / .ssh/config

The above file contains sections defined by a specific host, and each part applies only to the matching parts of the host definition.

The common format of the ~ / .ssh/config file is as follows, with all blank lines and behavior comments starting with'#':

Host host1 ssh_option1=value1 ssh_option2=value1 value2 ssh_option3=value1 Host host2 ssh_option1=value1 ssh_option2=value1 value2 Host * ssh_option1=value1 ssh_option2=value1 value2

The format above is explained in detail:

1.Host host1 is defined for the header about host1, and host-related settings start here until the next header definition Host host2 appears, thus forming a complete definition.

2.host1 and host2 are the host aliases used on the command line, not the actual remote host names.

3. Among them, configuration options such as sshoption1=value1 and sshoption2=value1 value2 will be applied to matching hosts and can be indented to look more tidy.

4. For options such as ssh_option2=value1 value2, the value of value1 is given priority when executed by ssh.

5. The header definition Host * (where * is a match pattern / wildcard and matches zero or more characters) matches zero or more hosts.

Still take the above format as an example, ssh is also the same form class to read configuration files. If you execute the ssh command to access the remote host host1, as follows:

$ssh host1

The above ssh command takes the following action:

1. Match the host alias host1 in the configuration file and use each setting item in the header definition.

two。 Continue to match the next host definition, and then find that the hostname provided on the command line does not match, so the following settings are skipped.

3. Finally, the last host definition, Host *, is executed, which matches all hosts. Here, all the next setting options will be applied to all host connections. But it does not overwrite options that have been previously defined by the host.

4.ssh host2 is similar.

How to use a user-specified shh profile

After you understand how the ssh client profile works, you can create it in the following ways. Remember to use the corresponding options and values (host alias, port number, user name, etc.) in your server environment.

Open the configuration file through your favorite editor:

$vi ~ / .ssh/config

And define the necessary parts:

Host fedora25 HostName 192.168.56.15 Port 22 ForwardX11 no Host centos7 HostName 192.168.56.10 Port 22 ForwardX11 no Host ubuntu HostName 192.168.56.5 Port 2222 ForwardX11 yes Host * User tecmint IdentityFile ~ / .ssh/id_rsa Protocol 2 Compression yes ServerAliveInterval 60 ServerAliveCountMax 20 LogLevel INFO

Detailed explanation of the above ssh configuration file:

1.HostName-defines the hostname that you really want to log in. In addition, you can also use numeric IP addresses, either on the command line or in the HostName definition.

2.User-specifies which user to log in with.

3.Port-sets the port to connect to the remote host, which defaults to port 22. However, it must be the port number defined in the sshd configuration file of the remote host.

4.Protocol-this option defines priority for using the version of the protocol supported by ssh. The commonly used values are'1' and'2'. If you use two versions of the protocol at the same time, you must be separated by a comma.

5.IdentityFile-specifies a file to read authorization authentication information for users such as DSA, Ed25519, ECDSA, and so on.

6.ForwardX11-defines whether the X11 connection is automatically redirected to the secure channel and DISPLAY settings. There are two values that can be set, yes or no.

7.Compression-the default value is no, and if set to yes, compression is used for transmission during connection to the remote host.

8.ServerAliveInterval-sets the timeout, in seconds, when no server response (or data) is received. Ssh sends information over an encrypted channel, requesting a response from the server. The default value is 0, which means that ssh does not send response requests to the server; if the BatchMode option is defined, the default is 300 seconds.

9.ServerAliveCountMax-sets the amount of active information sent by the server when it does not receive any response from the server.

10.LogLevel-defines the level of log redundancy for ssh login information. The allowed values are: QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. The default is INFO.

The standard way to connect to any remote host is to define the second section in the above two files (I am connecting to CentOS 7). In general, we enter commands like this:

$ssh-I ~ / .ssh/id_rsa-p 22 tecmint@192.168.56.10

However, after using the ssh client profile, we can still do this:

$ssh centos7

You can also find more setup options and usage examples on the man help page:

$man ssh_config

At this point, the article is finished. In this article, we showed you how to use a user-specified (custom) ssh client profile in Linux.

Thank you for reading this article carefully. I hope the article "how to customize SSH in Linux to simplify remote access" shared by the editor will be helpful to you. At the same time, I also hope you will support us and pay attention to the industry information channel. More related knowledge is waiting for you to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.