ssh下常用操作汇总(good)

简介: 1. 安装git,从程序目录打开 "Git Bash"  2. 键入命令:ssh-keygen -t rsa -C "email@email.com"   "email@email.com"是github账号 3. 提醒你输入key的名称,输入如id_rsa //如果只输入文件名,则文件会生成在当前目录下。
1. 安装git,从程序目录打开 "Git Bash" 
2. 键入命令:ssh-keygen -t rsa -C "email@email.com"
  "email@email.com"是github账号
3. 提醒你输入key的名称,输入如id_rsa //如果只输入文件名,则文件会生成在当前目录下。 2,3两步可以合成一个命令 ssh-keygen -t rsa -C "email@email.com" -f github-rsa 会生成github-rsa和github-rsa.pub两个文件。这种的话,可以用不同的密钥对应不同的ssh服务器
 
4. 在C:\Documents and Settings\Administrator\下产生两个文件:id_rsa和id_rsa.pub
5. 把4中生成的密钥文件复制到C:\Documents and Settings\Administrator\.ssh\ 目 录下。
6. 用记事本打开id_rsa.pub文件,复制内容,在github.com的网站上到ssh密钥管理页面,添加新公钥,随便取个名字,内容粘贴刚才复制的内容。
7. ^_^ OK了
 
需要注意步骤2中产生的密钥文件在当前用户的根目录,必须把这两个文件放到当前用户目录的“.ssh”目录下才能生效。
在windows中只能在命令行下输入创建"."开头的文件夹。命令为 mkdir .ssh
http://www.cnblogs.com/igrl/archive/2010/09/17/1829358.html





我们在日常工作中会遇到公司有个gitlab,还有些自己的一些项目放在github上。这样就导致我们要配置不同的ssh-key对应不同的环境。下面我们来看看具体的操作:

1,生成一个公司用的SSH-Key
$ ssh-keygen -t rsa -C "youremail@yourcompany.com” -f ~/.ssh/id-rsa

在~/.ssh/目录会生成id-rsa和id-rsa.pub私钥和公钥。 我们将id-rsa.pub中的内容粘帖到公司gitlab服务器的SSH-key的配置中。

2,生成一个github用的SSH-Key

$ ssh-keygen -t rsa -C "youremail@your.com” -f ~/.ssh/github-rsa
在~/.ssh/目录会生成github-rsa和github-rsa.pub私钥和公钥。 我们将github-rsa.pub中的内容粘帖到github服务器的SSH-key的配置中。

3,添加私钥

$ ssh-add ~/.ssh/id_rsa $ ssh-add ~/.ssh/id_rsa_github
如果执行ssh-add时提示"Could not open a connection to your authentication agent",可以现执行命令:

$ ssh-agent bash
然后再运行ssh-add命令。

# 可以通过 ssh-add -l 来确私钥列表
$ ssh-add -l
# 可以通过 ssh-add -D 来清空私钥列表
$ ssh-add -D

 

测试
$ ssh -T git@github.com
输出
Hi stefzhlg! You've successfully authenticated, but GitHub does not provide shell access.
就表示成功的连上github了.也可以试试链接公司的gitlab.

 

ssh -v user@host //可输出ssh过程的详细信息

ssh -v 10.1.1.158
.OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 10.1.1.158 [10.1.1.158] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/identity-cert type -1
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
The authenticity of host '10.1.1.158 (10.1.1.158)' can't be established.
RSA key fingerprint is 3f:6f:11:ff:b7:5e:f7:63:57:ec:22:91:ca:9e:9c:e3.
Are you sure you want to continue connecting (yes/no)? y
Please type 'yes' or 'no': yes
Warning: Permanently added '10.1.1.158' (RSA) to the list of known hosts.
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure.  Minor code may provide more information
Cannot determine realm for numeric host address

debug1: Unspecified GSS failure.  Minor code may provide more information
Cannot determine realm for numeric host address

debug1: Unspecified GSS failure.  Minor code may provide more information


debug1: Unspecified GSS failure.  Minor code may provide more information
Cannot determine realm for numeric host address

debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/identity
debug1: Trying private key: /root/.ssh/id_rsa
debug1: Trying private key: /root/.ssh/id_dsa
debug1: Trying private key: /root/.ssh/id_ecdsa
debug1: Next authentication method: password
root@10.1.1.158's password: 

 

ssh 

     /etc/ssh/ssh_known_hosts
             Systemwide list of known host keys.  This file should be prepared
             by the system administrator to contain the public host keys of
             all machines in the organization.  It should be world-readable.
             See sshd(8) for further details of the format of this file.
     ~/.ssh/
             This directory is the default location for all user-specific con-
             figuration and authentication information.  There is no general
             requirement to keep the entire contents of this directory secret,
             but the recommended permissions are read/write/execute for the
             user, and not accessible by others.

     ~/.ssh/authorized_keys
             Lists the public keys (RSA/ECDSA/DSA) that can be used for log-
             ging in as this user.  The format of this file is described in
             the sshd(8) manual page.  This file is not highly sensitive, but
             the recommended permissions are read/write for the user, and not
             accessible by others.

     ~/.ssh/config
             This is the per-user configuration file.  The file format and
             configuration options are described in ssh_config(5).  Because of
             the potential for abuse, this file must have strict permissions:
             read/write for the user, and not accessible by others.

     ~/.ssh/environment
             Contains additional definitions for environment variables; see
             ENVIRONMENT, above.

     ~/.ssh/identity
     ~/.ssh/id_dsa
     ~/.ssh/id_ecdsa
     ~/.ssh/id_rsa
             Contains the private key for authentication.  These files contain
             sensitive data and should be readable by the user but not acces-
             sible by others (read/write/execute).  ssh will simply ignore a
             private key file if it is accessible by others.  It is possible
             to specify a passphrase when generating the key which will be
             used to encrypt the sensitive part of this file using 3DES.

     ~/.ssh/identity.pub
     ~/.ssh/id_dsa.pub
     ~/.ssh/id_ecdsa.pub
     ~/.ssh/id_rsa.pub
             Contains the public key for authentication.  These files are not
             sensitive and can (but need not) be readable by anyone.

     ~/.ssh/known_hosts
             Contains a list of host keys for all hosts the user has logged
             into that are not already in the systemwide list of known host
             keys.  See sshd(8) for further details of the format of this
             file.

     ~/.ssh/rc
             Commands in this file are executed by ssh when the user logs in,
             just before the user’s shell (or command) is started.  See the
             sshd(8) manual page for more information.

 

 

免密码登陆

http://www.cnblogs.com/softidea/p/5447539.html

 

Linux SSH常用总结(转)

http://www.cnblogs.com/softidea/p/4303157.html
 
 http://www.cnblogs.com/softidea/p/4523136.html
http://www.cnblogs.com/softidea/p/5308405.html
http://www.cnblogs.com/softidea/p/4710513.html
 

解决linux中ssh登录Warning:Permanently added (RSA) to the list of known hosts
原因:
在执行scp id_rsa.pub root@hostname:/root/.ssh这一步时,没在本机的/root/.ssh下生成known_hosts文件。

解决方案:
vi /etc/ssh/ssh_config
最后有两行是
StrictHostKeyChecking no
UserKnownHostsFile /dev/null
把这两行注释掉并保存文件
再次执行scp id_rsa.pub root@host141:/root/.ssh
出现提示
The authenticity of host 'host141 (172.20.0.141)' can't be established.
RSA key fingerprint is a0:09:89:d2:3b:aa:91:60:59:7f:7f:bc:03:31:b0:09.
Are you sure you want to continue connecting (yes/no)?
输入yes后,则可看到在/root/.ssh目录下生成了known_hosts文件:

[root@SamuluIndex .ssh]# ls
id_rsa id_rsa.pub known_hosts

http://www.cnblogs.com/wjoyxt/p/6567206.html

 
 
 
相关文章
|
4天前
|
监控 Ubuntu Linux
使用VSCode通过SSH远程登录阿里云Linux服务器异常崩溃
通过 VSCode 的 Remote - SSH 插件远程连接阿里云 Ubuntu 22 服务器时,会因高 CPU 使用率导致连接断开。经排查发现,VSCode 连接根目录 ".." 时会频繁调用"rg"(ripgrep)进行文件搜索,导致 CPU 负载过高。解决方法是将连接目录改为"root"(或其他具体的路径),避免不必要的文件检索,从而恢复正常连接。
|
5月前
|
安全 Linux Shell
Linux中SSH命令介绍
Linux中SSH命令介绍
130 2
|
3月前
|
安全 Linux 网络安全
在Linux中,如何配置SSH以确保远程连接的安全?
在Linux中,如何配置SSH以确保远程连接的安全?
|
3月前
|
安全 Linux Shell
SSH 命令完整实用指南 | Linux SSH 服务
【8月更文挑战第20天】
390 0
|
3月前
|
安全 Linux Shell
如何在 Linux 服务器上配置基于 SSH 密钥的身份验证
如何在 Linux 服务器上配置基于 SSH 密钥的身份验证
141 0
|
3月前
|
Linux 网络安全 数据安全/隐私保护
Linux——配置SSH免密登录
Linux——配置SSH免密登录
87 0
|
4月前
|
安全 Ubuntu Linux
记录一次Linux服务器被人使用SSH字典爆破
曾经我以为互联网到至今应该是很和平的状态,但是经历了这次ssh字典爆破攻击后我才意识到网络攻击无处不在,建议系统密码使用比较复杂的随机字符组合,七八十位都没问题,数据可贵,电脑该装杀毒软件的就装上,别因为那占用那点内存而舍弃杀毒软件,防网络攻击于未然 !
|
5月前
|
Shell Linux 网络安全
Linux怎样在使用ssh 链接时就指定gcc 的版本
Linux怎样在使用ssh 链接时就指定gcc 的版本
56 7
|
5月前
|
安全 Linux Shell
【Linux基础】SSH登录
安全外壳协议(Secure Shell Protocol,简称SSH)是一种加密的网络传输协议,可在不安全的网络中为网络服务提供安全的传输环境。 SSH通过在网络中建立安全隧道来实现SSH客户端与服务器之间的连接。 SSH最常见的用途是远程登录系统,人们通常利用SSH来传输命令行界面和远程执行命令。
87 6
|
5月前
|
网络协议 Linux 网络安全
Linux配置SSH允许TCP转发
Linux配置SSH允许TCP转发
下一篇
无影云桌面