Application of scp sftp in ssh client and T key pair login and TCP Wrappers access control 02/24 Update SLTechnology News&Howtos

Application of scp sftp in ssh client and T key pair login and TCP Wrappers access control

2025-02-24 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >

Shulou(Shulou.com)06/02 Report--

One scp

Scp is used to copy files remotely. Data transmission uses ssh, and uses the same authentication method as ssh, providing the same security guarantee. Unlike rcp, scp requires you to enter a password or password when you need to authenticate.

Create the file an in the local / opt directory

Two sftp

Sftp is the abbreviation of SSH File Transfer Protocol, secure file transfer protocol. It can provide a secure network encryption method for transferring files. Sftp and ftp have almost the same syntax and function. SFTP is part of SSH and is a secure way to transfer files to a Blogger server. In fact, a secure file information transfer subsystem called SFTP is already included in the SSH package. SFTP itself does not have a separate daemon, it must use the sshd daemon (the port number is 22 by default) to complete the corresponding connection and reply operations, so in a sense, SFTP is not like a server program, but more like a client program. SFTP also uses encryption to transmit authentication information and transmitted data, so using SFTP is very secure. However, because this kind of transmission uses encryption / decryption technology, the transmission efficiency is much lower than that of ordinary FTP.

Go to the ssh server configuration file and open the key pair login

Password interaction is required for each login of the key pair, which can be avoided by using the following command

Four TCP Wrappers

Tcp wrappers: Transmission Control Protocol (TCP) Wrappers provides enhanced security for services generated by inetd. TCP Wrappers is an alternative to using / etc/inetd.sec. TCP Wrappers provides protection against hostname and host address spoofing. Spoofing is a method of pretending to be a valid user or host to gain unauthorized access to the system.

Profile location

/ etc/hosts.allow

/ etc/hosts.deny

Reading principle

Read first and reject later. If neither of the two profiles is configured, it is allowed by default

Allow 192.168.149.135 client access in the hosts.allow file, deny all client access in the host.deny file, configure save exit, and verify.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.