每天一條Linux命令(24) ssh (遠端安全登入)

北冥有熊發表於2020-10-01
Linux

在Linux系統中,命令 ssh 是openssh套件中的客戶端連線工具,可以使用ssh加密協議實現安全的遠端登入伺服器,實現對伺服器的遠端管理,Windows中的替代工具為Xshell、putty、SecureCRT等。

語法:

ssh [引數選項] [user@IP]  [command]

[注] command 是可選項

引數說明:

  • -p  指定ssh登入埠號,預設為22 埠

  • -t  強制分配偽終端,可以在遠端機器上執行任何全螢幕(screen-based)程式,所以非常有用,例如選單服務。即使沒有本地終端,多個-t選項也會強制分配終端。這個選項在進行寫遠端批量管理Shell指令碼時非常有有用

  • -v  除錯模式

案例:

遠端登入伺服器

[C:\~]$ ssh root@192.168.116.100Connecting to 192.168.116.100:22...Connection established.To escape to local shell, press 'Ctrl+Alt+]'.

指定使用者及埠進行遠端登入

[C:\~]$ ssh -p 22 bear@192.168.116.100Connecting to 192.168.116.100:22...Connection established.To escape to local shell, press 'Ctrl+Alt+]'.

遠端執行命令

[root@master test03]# [root@master test03]# ssh 120.24.165.81 "ls"   # 在另一個伺服器上執行ls命令root@120.24.165.81's password:     # 輸入另一個伺服器登入密碼install.sh   # 執行結果[root@master test03]#

-v 開始除錯模式 (這裡以除錯遠端登入慢為例,其實並不慢,這裡只是演示一下過程)

[root@master test03]# ssh -v 120.25.168.64OpenSSH_7.4p1, OpenSSL 1.0.2k-fips  26 Jan 2017debug1: Reading configuration data /etc/ssh/ssh_configdebug1: /etc/ssh/ssh_config line 58: Applying options for *debug1: Connecting to 120.24.165.81 [120.24.165.81] port 22.debug1: Connection established.debug1: permanently_set_uid: 0/0debug1: key_load_public: No such file or directorydebug1: identity file /root/.ssh/id_rsa type -1debug1: key_load_public: No such file or directorydebug1: identity file /root/.ssh/id_rsa-cert type -1debug1: key_load_public: No such file or directorydebug1: identity file /root/.ssh/id_dsa type -1debug1: key_load_public: No such file or directorydebug1: identity file /root/.ssh/id_dsa-cert type -1debug1: key_load_public: No such file or directorydebug1: identity file /root/.ssh/id_ecdsa type -1debug1: key_load_public: No such file or directorydebug1: identity file /root/.ssh/id_ecdsa-cert type -1debug1: key_load_public: No such file or directorydebug1: identity file /root/.ssh/id_ed25519 type -1debug1: key_load_public: No such file or directorydebug1: identity file /root/.ssh/id_ed25519-cert type -1debug1: Enabling compatibility mode for protocol 2.0debug1: Local version string SSH-2.0-OpenSSH_7.4debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4debug1: match: OpenSSH_7.4 pat OpenSSH* compat 0x04000000debug1: Authenticating to 120.25.168.64:22 as 'root'debug1: SSH2_MSG_KEXINIT sentdebug1: SSH2_MSG_KEXINIT receiveddebug1: kex: algorithm: curve25519-sha256debug1: kex: host key algorithm: ecdsa-sha2-nistp256debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: nonedebug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: nonedebug1: kex: curve25519-sha256 need=64 dh_need=64debug1: kex: curve25519-sha256 need=64 dh_need=64debug1: expecting SSH2_MSG_KEX_ECDH_REPLYdebug1: Server host key: ecdsa-sha2-nistp256 SHA256:+QXNO8vg3Dmngg0Ek90haDDp+PNvI/koo5gLPwSyhgUdebug1: Host '120.24.165.81' is known and matches the ECDSA host key.#  略略略略略略略略略略debug1: Next authentication method: passwordroot@120.24.165.81's password:    # 這裡提示需要輸入密碼debug1: Authentication succeeded (password).Authenticated to 120.24.165.81 ([120.25.168.64]:22).debug1: channel 0: new [client-session]debug1: Requesting no-more-sessions@openssh.comdebug1: Entering interactive session.debug1: pledge: networkdebug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0debug1: Sending environment.debug1: Sending env LANG = en_US.UTF-8Last login: Sun Sep 20 17:37:28 2020 from 115.194.183.70
Welcome to Alibaba Cloud Elastic Compute Service !
[root@iZwz9c8miiew8bjh7tpbveZ ~]#

上述除錯過程,如果卡在哪一步說明問題就出在哪裡(這裡除錯登入時其實是正常的)

相關文章