Secure Shell (SSH) 远程登录与退出

Secure Shell [SSH] 远程登录与退出

• References

Secure Shell (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. The best known example application is for remote login to computer systems by users.

SSH provides a secure channel over an unsecured network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command-line login and remote command execution, but any network service can be secured with SSH. The protocol specification distinguishes between two major versions, referred to as SSH-1 and SSH-2.

The Secure Shell protocols are used in several file transfer mechanisms.

cryptographic ['krɪptəʊ'græfɪk]：adj. 关于暗号的 n. 隐晶文象状
mechanism [ˈmekəˌnɪz(ə)m]：n. 机制，机械装置，方法，机件

SSH 远程登录，用户名：user_name，远程主机 IP：host_ip。

$ ssh user_name@host_ip

如果本地用户名与远程用户名一致，登录时可以省略用户名。

$ ssh host_ip

SSH 的默认端口是 22，登录请求会送进远程主机的 22 端口。使用 -p 参数，可以修改这个端口。

$ ssh -p 2222 user_name@host_ip

上面的命令表示，ssh 直接连接远程主机的 2222 端口。

1. 查看 ssh 版本，ssh 登录远程主机与退出登录

   strong@foreverstrong:~$ ssh yongqiang@192.168.1.3
   yongqiang@192.168.1.3's password:
   Welcome to Ubuntu 16.04.4 LTS (GNU/Linux 4.4.0-116-generic x86_64)

   • Documentation: https://help.ubuntu.com
   • Management: https://landscape.canonical.com
   • Support: https://ubuntu.com/advantage

   81 packages can be updated.
   35 updates are security updates.

   Last login: Fri Jun 1 22:05:34 2018 from 192.168.1.116
   yongqiang@DN-S3:~ ssh -V OpenSSH_7.2p2 Ubuntu-4ubuntu2.4, OpenSSL 1.0.2g 1 Mar 2016 yongqiang@DN-S3:~
   yongqiang@DN-S3:~ logout Connection to 192.168.1.3 closed. strong@foreverstrong:~

   strong@foreverstrong:~$ ssh yongqiang@192.168.1.3
   yongqiang@192.168.1.3's password:
   Welcome to Ubuntu 16.04.4 LTS (GNU/Linux 4.4.0-116-generic x86_64)

   • Documentation: https://help.ubuntu.com
   • Management: https://landscape.canonical.com
   • Support: https://ubuntu.com/advantage

   81 packages can be updated.
   35 updates are security updates.

   Last login: Sat Jun 2 11:18:13 2018 from 192.168.1.116
   yongqiang@DN-S3:~ yongqiang@DN-S3:~ exit
   logout
   Connection to 192.168.1.3 closed.
   strong@foreverstrong:~$

2. 第一次登录对方主机，系统会出现下面的提示。

无法确认 host 主机的真实性，只知道它的公钥指纹，是否继续连接？

当远程主机的公钥被接受以后，它就会被保存在文件 $HOME/.ssh/known_hosts 之中。下次再连接这台主机，系统就会认出它的公钥已经保存在本地了，从而跳过警告部分，直接提示输入密码。

每个 SSH 用户都有自己的 known_hosts 文件，此外系统也有一个这样的文件，通常是 /etc/ssh/ssh_known_hosts，保存一些对所有用户都可信赖的远程主机的公钥。

strong@foreverstrong:~$ ssh yongqiang@192.168.1.3
The authenticity of host '192.168.1.3 (192.168.1.3)' can't be established.
ECDSA key fingerprint is SHA256:02+dO+WcPzmfu7yUlJG/6CYU5zAlw9m5swz/NSNMUbc.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.3' (ECDSA) to the list of known hosts.
yongqiang@192.168.1.3's password: 
Welcome to Ubuntu 16.04.4 LTS (GNU/Linux 4.4.0-116-generic x86_64)
 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage
79 packages can be updated.
32 updates are security updates.
The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.
yongqiang@DN-S3:~$ ls
yongqiang@DN-S3:~$ exit
logout
Connection to 192.168.1.3 closed.

References

1\] Yongqiang Cheng,