linux中ssh远程登陆

server端:

root@server /# hostnamectl set-hostname server.example.com

root@server \~# ip a

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

inet 127.0.0.1/8 scope host lo

valid_lft forever preferred_lft forever

inet6 ::1/128 scope host

valid_lft forever preferred_lft forever

2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000

link/ether 00:0c:29:b1:c7:29 brd ff:ff:ff:ff:ff:ff

altname enp3s0

inet 172.25.254.100/24 brd 172.25.254.255 scope global noprefixroute ens160

valid_lft forever preferred_lft forever

inet6 fe80::20c:29ff:feb1:c729/64 scope link noprefixroute

valid_lft forever preferred_lft forever

root@server \~# useradd timinglee

root@server \~# echo 123456 | passwd --stdin timinglee

更改用户 timinglee 的密码 。

passwd:所有的身份验证令牌已经成功更新。

root@server \~# systemctl stop firewalld

root@server \~# systemctl disable firewalld

确保只有root用户和timinglee用户可以被登录:

root@server \~# vim /etc/ssh/sshd_config

修改允许登录的账户

#LoginGraceTime 2m

PermitRootLogin yes

#StrictModes yes

#MaxAuthTries 6

#MaxSessions 10

AllowUsers timinglee root

cilent端:

root@client /# hostnamectl set-hostname client.example.com

root@client \~# ip a

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

inet 127.0.0.1/8 scope host lo

valid_lft forever preferred_lft forever

inet6 ::1/128 scope host

valid_lft forever preferred_lft forever

2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000

link/ether 00:0c:29:50:6d:df brd ff:ff:ff:ff:ff:ff

altname enp3s0

inet 172.25.254.200/24 brd 172.25.254.255 scope global noprefixroute ens160

valid_lft forever preferred_lft forever

inet6 fe80::20c:29ff:fe50:6ddf/64 scope link noprefixroute

valid_lft forever preferred_lft forever

制作cilent端的公私钥对:

root@client \~# ssh-keygen

Generating public/private rsa key pair.

Enter file in which to save the key (/root/.ssh/id_rsa): Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /root/.ssh/id_rsa

Your public key has been saved in /root/.ssh/id_rsa.pub

The key fingerprint is:

SHA256:EYGqkroNQD+sKOWkwA+S1/GomvnldO/19a4nlZq53fg root@client.example.com

The key's randomart image is:

+---RSA 3072----+

| .o. |

| . . |

| . .. . |

|o.o..+ . |

|=++=o . S .|

|B*=.. ..|

|*oo.o . . =. |

|o* + . . . . =ooo|

|=oo . .o ..+BE|

+----SHA256-----+

将公钥上传至server端:

root@client \~# ssh-copy-id root@172.25.254.100

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"

/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed

/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys

root@172.25.254.100's password:

Number of key(s) added: 1

Now try logging into the machine, with: "ssh 'root@172.25.254.100'"

and check to make sure that only the key(s) you wanted were added.

实现cilent端的免密登录:

root@client \~# ssh -l root 172.25.254.100

Activate the web console with: systemctl enable --now cockpit.socket

Register this system with Red Hat Insights: insights-client --register

Create an account or view all your systems at https://red.ht/insights-dashboard

Last login: Sat Apr 20 18:19:24 2024 from 172.25.254.200

相关推荐
七歌杜金房6 小时前
我终于又有了自己的 Linux 电脑
linux·debian·mac
tntxia1 天前
linux curl命令详解_curl详解
linux
扛枪的书生1 天前
Linux 网络管理器用法速查
linux
顺风尿一寸1 天前
Java Socket 内核之旅:从 SocketChannel.read() 到 tcp_recvmsg 与 epoll 的完整调用链路
linux
XIAOHEZIcode2 天前
Ubuntu 终端美化全栈指南:Bash 到 Kitty 踩坑实录
linux·ubuntu·命令行
唐青枫2 天前
别再只会用 cron:Linux systemd Timer 定时任务实战详解
linux
AlfredZhao4 天前
生产环境里,为什么不建议把普通端口直接暴露到公网?
linux·https·443·80
戴为沐5 天前
Linux内存扩容指南
linux
zylyehuo5 天前
Linux 彻底且安全地删除文件
linux
用户805533698036 天前
主线 U-Boot 上 RK3506:和闭源 rkbin 拔河的三个隐性契约
linux·嵌入式