ssh (secure shell),ssh协议支持登录及文件的传输加密防止数据截留!
01、下载
https://www.ssh.com/ ###商业
https://www.openssl.org ###开源
http://www.openssh.com/ ###开源ssh
http://www.openssh.com/portable.html
http://www.ftp.ne.jp/OpenBSD/OpenSSH/portable/ ###日本
https://www.openssl.org/source/snapshot/
02、安装
openssh
openssh-server
openssh-client
yum install -y openssh-server
03、测试
/etc/init.d/sshd start
service sshd start| restart | stop
配置文件
/etc/ssh/ssh_config
/etc/ssh/sshd_config
详细配置文件说明:http://www.cnblogs.com/xiaochina/p/5802008.html
ssh-keygen -t rsa |dsa #生成公私秘钥
id_rsa 私钥 #私钥很关键不要随意传播
id_rsa.pub 公钥 --- authorized_keys
cat id_rsa.pub >>/root/.ssh/authorized_keys #公钥位于target_server(登录的目标机器)
ssh对登陆限制:http://www.cnblogs.com/xiaochina/p/5920057.html
04、ssh登录
#ssh相关命令
ss sshd sssd
ssh ssh-keygen sss_ssh_authorizedkeys
ssh-add ssh-keyscan sss_ssh_knownhostsproxy
ssh-agent ssltap
ssh-copy-id sss_cache
[root@mvpbang ~]# ssh
usage: ssh [-1246AaCfgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]
[-D [bind_address:]port] [-e escape_char] [-F configfile]
[-I pkcs11] [-i identity_file]
[-L [bind_address:]port:host:hostport]
[-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]
[-R [bind_address:]port:host:hostport] [-S ctl_path]
[-W host:port] [-w local_tun[:remote_tun]]
[user@]hostname [command]
ssh root@172.24.0.24
ssh -l mvp 172.24.0.24
ssh 172.24.0.24 #读取当前用户名作为登录用户名
/root/.ssh/known_hosts #本机ssh远程登录Linux保存远程机器的公钥,用于安全传输数据
05、scp文件传输
[root@mvpbang ~]# scp
usage: scp [-1246BCpqrv] [-c cipher] [-F ssh_config] [-i identity_file]
[-l limit] [-o ssh_option] [-P port] [-S program]
[[user@]host1:]file1 ... [[user@]host2:]file2
scp xxx root@172.24.0.24:~ #上传
scp root@172.24.0.24:/etc/passwd ~ #下载
06、sftp安全传输ftp
[root@mvpbang ~]# sftp
usage: sftp [-1Cv] [-B buffer_size] [-b batchfile] [-F ssh_config]
[-o ssh_option] [-P sftp_server_path] [-R num_requests]
[-S program] [-s subsystem | sftp_server] host
sftp [user@]host[:file ...]
sftp [user@]host[:dir[/]]
sftp -b batchfile [user@]host
sftp用法跟ftp基本没啥差异