Shulou(Shulou.com)06/01 Report--

This article will explain in detail how to use OpenSSH under Ubuntu. The editor thinks it is very practical, so I share it with you for reference. I hope you can get something after reading this article.

1. Private key login

No matter which client software you use, you will have the option to use key, and the ssh command is no exception. By default, ssh reads the id_rsa file in .ssh in the user's host directory. Here is an episode: the author's original key was generated with secureCRT. When saving, you will be prompted whether to use secureCRT proprietary format or openssh format. The secureCRT format used by the author at that time, after putting it in this directory, you can see that it is in a hurry, it doesn't work well. Later, you can use secureCRT to re-save to openssh format (re-save is not re-generation yo, think that there are so many servers to re-put one by one, there will be no desire to regenerate). It is also important to note that it must be the file name id_rsa, otherwise you don't know why you are so anxious (of course, when you learn about using configuration files later, you will know that there are also identity and id_dsa, so you can use whatever name you want). In addition, the permission of this file is 600, otherwise ssh will not buy it.

two。 Specify user name

Everyone will have their own favorite user name, for example, the author likes to use rainbird, so the user name is also rainbird when I log in to the system. The server you connect to will not determine your current user name and set up an account for you. When "ssh ip" is used by default. Ssh will determine whether you currently have a configuration file that specifies the default user name, and if not, it will determine whether you use the ssh-l rainbird ip or ssh rainbird@ip format in the command, and if not, it will default to the user name of your current system login. To connect to a remote system. Wouldn't it be annoying to type-l or user@ip every time the user you connect to uses the same user name instead of rainbird, such as root? Anyway, the more things you enter, the less efficient you will be. As mentioned earlier, ssh determines whether there is a configuration file first.

After the author's study found that: ssh will read two configuration files: one is ~ / .ssh / config, if not, it will read / etc/ssh/ssh_config. Ha ha, this is also the working philosophy of linux: each user will have their own personal profile, so users will use a unified profile by default. With the idea of giving it a try, the author, vi ~ / .ssh / config, wrote User and found that the saying was highlighted, and it seemed to be it, so I wrote:

User root

After saving and exiting, when ssh ip, I found that it was really connected in the form of root@ip:

[rainbird@rainbird ~] $ssh 192.168.5.18

Root@192.168.5.18's password:

3. Specify the port and password for the connection

After setting the user name of the default connection, the author tasted the sweetness. So start to take a closer look at the configuration file / etc/ssh/ssh_config. The author only knew that there was such a document before, but I really didn't read it carefully. This research does not matter, many problems have been easily solved. The two lines that have attracted the author's attention are:

# Port 22

# Protocol 1,2

What these two lines mean is that the default connection port is 22, and the ssh protocol 1 and 2 used by the default connection is fine. Directly open ~ / .ssh / config and add these two lines:

Port 1222

Protocol 2

Did you save a lot of things?

4. Add a host name that is easy to access

This is not strictly unique to the ssh command. No matter which client software you use, you will have the ability to save the session, but does the ssh command have the ability to read the default session configuration? The author also thought about it for a long time, but couldn't find a solution. In fact, the author just thinks that every time I have to ssh xxx.xxx.xxx.xxx is a little too tired, mainly because I am not naturally interested in numbers. What should I do? The boss said, why don't you just use the domain name? Yeah? Domain name is easy to remember, but easy to remember is easy to remember, it is not short ah, what to do? Just write hosts! Because the domain name appears because hosts is not enough. When hosts is sufficient, why not use hosts? Besides, it will not only kill once and for all, but also save analysis time and kill two birds with one stone. So: sudo vi / etc/hosts

Xxx.xxx.xxx.xxx web

When you visit web later, ssh web directly. Well, it's kind of in line with linux's idea of simplicity and efficiency.

The problem of garbled codes in 5.ssh

What a beautiful world. Rich and colorful, colorful. The problem of displaying Chinese normally under linux has always been the most concerned problem for the author. When using ssh to log in to the linux server in the Chinese environment, the Chinese code is still garbled. What should I do? Can this problem be solved by something made for each other? The answer is yes. There is a saying in / etc/ssh/ssh_config:

SendEnv LANG LC_ALL

This option is turned on by default, which means to send the system locale. It is said on the Internet that it can be written as SendEnv LANG=en.US.UTF-8 LC_ALL=en.US.UTF-8. However, according to the author's understanding: when LC_ALL is set, LANG has to obey LC_ALL even if it is set, so the author directly adds this sentence to ~ / .ssh / config:

SendEnv LANG LC_ALL=en.US.UTF-8

Haha, the Chinese language is displayed correctly. What a wonderful life!

6.ssh client enables ssh key forwarding

Linux system has an automatic forwarding key function, when remotely to a linux and then ssh other machines, you can use your local private key to automatically verify, greatly improve work efficiency and security. Can this function be achieved with ordinary ssh commands? The answer is still so positive! But to take two steps, first, vi ~ / .ssh / config is added:

ForwardAgent yes

Then execute the command:

Ssh-add

It will add ~ /. Ssh/id_rsa to your transit agent by default. Kaka, I, Hu Hansan, have come back.

7. Prevent disconnection

The ssh server will automatically disconnect a session that has been inactive for a period of time for the sake of security and resource saving. Although after the previous transformation, it is very easy for you to connect to a machine. But when I go out for a smoke and come back, I have to land like this again, which makes people feel really uncomfortable. What are we going to do? As the saying goes: there are policies at the top and countermeasures at the bottom.

Vi / .ssh/config

ServerAliveInterval=60

This is the end of this article on "how to use OpenSSH under Ubuntu". I hope the above content can be of some help to you, so that you can learn more knowledge. if you think the article is good, please share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.