ssh客户端命令

Posted 江神神神神

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了ssh客户端命令相关的知识,希望对你有一定的参考价值。

1、ssh常用参数、用法

  • ssh命令是ssh客户端,允许实现对远程系统经验证地加密安全访问
  • 当用户远程连接ssh服务器时,会复制ssh服务器/etc/ssh/ssh_host*key.pub文件中的公钥到客户机的~/.ssh/know_hosts中。下次连接时,会自动匹配相对应的私钥,不能匹配,将拒绝连接
  • ssh客户端配置文件:/etc/ssh/ssh_config

    主要配置

    
    #StrictHostKeyChecking ask
    首次登录不显示检查提示
    StrictHostKeyChecking no

  IdentityFile ~/.ssh/id_rsa

  IdentityFile ~/.ssh/id_dsa

  IdentityFile ~/.ssh/id_ecdsa

  IdentityFile ~/.ssh/id_ed25519

  Port 22

#### 范例:禁止首次连接的询问过程

[root@centos8 ~]# sed -i.bak \'/StrictHostKeyChecking/s/.*/StrictHostKeyChecking no/\' /etc/ssh/ssh_config

#### 格式

ssh [user@]host [COMMAND]
ssh [-l user] host [COMMAND]

#### 常见选项

-p port #远程服务器监听的端口
-b #指定连接的源IP
-v #调试模式
-C #压缩方式
-X #支持x11转发
-t #强制伪tty分配,如:ssh -t remoteserver1 ssh -t remoteserver2   ssh   remoteserver3
-o option   如:-o StrictHostKeyChecking=no
-i <file>   #指定私钥文件路径,实现基于key验证,默认使用文件: ~/.ssh/id_dsa, ~/.ssh/id_ecdsa, ~/.ssh/id_ed25519,~/.ssh/id_rsa等

#### 范例:

[root@centos-8 ~]#ssh -t 10.0.0.150 ssh -t 10.0.0.124 ssh 10.0.0.164
root@10.0.0.150\'s password:
root@10.0.0.124\'s password:
root@10.0.0.164\'s password:
Last login: Tue Aug 24 02:16:39 2021 from 10.0.0.124

#### 范例:远程执行命令

[root@centos-8 ~]#ssh 10.0.0.124 "sed -i.bak \'/StrictHostKeyChecking/s/.*/StrictHostKeyChecking no/\' /etc/ssh/ssh_config"
root@10.0.0.124\'s password:

#### 范例:在远程主机运行本地shell脚本

[root@centos-8 ~]#hostname -I
10.0.0.150 192.168.122.1
[root@centos-8 ~]#cat test.sh
#!/bin/bash
hostname -I
[root@centos-8 ~]#ssh 10.0.0.124 /bin/bash < test.sh
root@10.0.0.124\'s password:
10.0.0.124 172.17.0.1

#### 1.1 ssh基于密钥的登录方式
ssh-keygen命令常用参数:

-t #指定算法,默认rsa
-p #指定给私钥加密密码
-f #指定生成私钥文件

在客户端生成密钥对

ssh-keygen -t rsa [-P \'password\'] [-f “~/.ssh/id_rsa"]

把公钥文件传输至远程服务器对应用户的家目录

ssh-copy-id [-i [identity_file]] [user@]host

重设私钥口令(对私钥加密)

ssh-keygen -p

#### 范例:
准备两台机器

10.0.0.124 server
10.0.0.164 client

root@client:~# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): #回车,接受默认值
Enter passphrase (empty for no passphrase): #回车,不设置密码
Enter same passphrase again: #回车
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:qYT0Pa/K9MtW3OQlQ6j4BNaNOZDS7RRaj5wRWNYZy7Y root@client
The key\'s randomart image is:
+---[RSA 2048]----+
| ..BBB.+ |
| . =B=.. |
| .o.=+o=. |
| . o..+o .+ . |
| . ooS.E+ + |
| . ..oo o |
| o .. |
| o o.. |
| oo=. |
+----[SHA256]-----+

root@client:~# ll .ssh/
total 8
drwx------ 2 root root 61 Aug 24 09:43 ./
drwx------ 5 root root 227 Aug 24 09:29 ../
-rw------- 1 root root 0 Jul 4 13:35 authorized_keys
-rw------- 1 root root 1679 Aug 24 09:43 id_rsa
-rw-r--r-- 1 root root 393 Aug 24 09:43 id_rsa.pub

root@client:~# cat .ssh/id_rsa.pub
ssh-rsa
AAAAB3NzaC1yc2EAAAADAQABAAABAQDIWwhtsNIutQw/SXcypTOS+HBYAm23zGbSok45l+Epd
ooiXTlOpBTW/QvJXzavZBkim8V3UbSxo9NZY5kWORPdlzZQ8lGBKRDAg4e4g6uQmzR96oVhac
2hgosXhUpF4Jtzea/3bLwgMHwfK2SY8HDbZGJkgaUscM5ljv8oQ66+JfEcRxTqRg/aDxK7Ui2
2eITdOGAo65f6lhYYK+nLNlYzhPm9sukAsYPPzU3ODexzq5nztlXY+UlL1xSE8svMxbWDzAZU
YlegmpwZmUiPfNeRdsPizr65Fo2GLsNh0AThryeAgBGxXBNo9YhzB4dmvcEeC6om5tI18vp6C
+WNryIL
root@client

root@client:~# cat .ssh/id_rsa
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEAyFsIbbDSLrUMP0l3MqUzkvhwWAJtt8xm0qJOOZfhKXaKIl05
TqQU1v0LyV82r2QZIpvFd1G0saPTWWOZFjkT3Zc2UPJRgSkQwIOHuIOrkJs0feqF
YWnNoYKLF4VKReCbc3mv92y8IDB8HytkmPBw22RiZIGlLHDOZY7/KEOuviXxHEcU
6kYP2g8Su1IttniE3ThgKOuX+pYWGCvpyzZWM4T5vbLpALGDz81Nzg3sc6uZ87ZV
2PlJS9cUhPLLzMW1g8wGVGJXoJqcGZlIj3zXkXbD4s6+uRaNhi7DYdAE4a8ngIAR
sVwTaPWIcweHZr3BHguqJubSNfL6egvlja8iCwIDAQABAoIBADnTZExcY11Nrbo6
VufMHGWHxMzx7n7ExMx4QcGHn1nbN6URaO/UlZszL4qwK1VVu5dshAKbF17J3L8I
6u8qDBzBftDAD1wK4SXfEHXlsseqs+y/mj1yTwIVblWch8JBQDyE24+611UnCTvp
x0AI7Vm00F0Xufdom3leWzBg0Hdac01XpXduXsi7u0gyspK+hNmP3sMsMq2lSLEj
ogJJW0E9JICO7vQNOA04riDNDHzrmRri1dCLxtH5jf2RaKtuhZI5QDLonF3DfEbp
3eR55MslgovK1wpQau91SClHl7/K6MnNE/sYH5Z+/hsptH+pcioNoMyYtzJlunS2
N1dZZGkCgYEA5YzhPdcf1a9eZknEeOcUDo0GoWUmVIxz1aO5z5L9Ss5rqQivFO18
TQbaJvY8JGRUngbTBWj8b6RqgPtIUM3fFBVtHWo5ZI3K6rosPm3iSDuiPPCly4Rv
/P83UIvy8ZcMLS1AZYEjKOFBaw+rzZ5a8/b/5Z1g3Y01XHBzKBs7e+8CgYEA33D8
sf1t2PLvhsBuaxHUqpvCfUkYyQBtAqNntMSisu1Xtinq8hEs5w/3scrg2s4k661+
kcaLbarwHbGLwSjJaP8wfsbu1G1KJmlRSJLVgukJtREGvN0XbFMnlNpVTK9c7ilu
BEs8OQimXpEevrs3x0Wb7D5cVzo4nlDU7RD+z6UCgYEAvpATtQjP7s8lKPl4V35O
Ej5VEMst5OasiuDeskmuaNmwWqVQ46i7lh5oIAwupW99J6s2p7keR3hQyj7RK/Oc
i8m1ycOTXbywheiELld+kMSgzMJigO+zIG6m9wEXcCQbAa4dVaa9D4TgkAZ0c8BQ
dVPJ4E6kSYiekdzwXI0u9pUCgYEAoxr3W3aEGTo9X0BZWg9KDsBk2M/jJ9cHvEVM
Dsj7e2GGBZPTzaB8Bq/BQCe4vAB/MwsSuZcVcJi3bvWL7xS28c5WuDS/YpHk7uUy
UKfe9BDo5SPopzU9Q/XvjtlSKwhX7gKQLNI+w+Nsjtugddp0fSJzD6D2BzaY3fhj
dipR14ECgYEAnyYBxHR2uWuevd6hK/RC5oW10ijy6QeZIG9FLiwoFmenM7IHHur0
o712mSTKzgMdCBwUKGGYczZOtupG/pBvZ5CGJqzsBuMGBxSflQKrYcxeh2Jlh9H2
wSbVW04iOZRX2NbSYUe9l1eR/YfJJOR/nIZuLYs8EhbK4axh09ZbbEU=
-----END RSA PRIVATE KEY-----

#把公钥拷贝到服务器端
root@client:~# ssh-copy-id root@10.0.0.124
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host \'10.0.0.124 (10.0.0.124)\' can\'t be established.
ECDSA key fingerprint is SHA256:Zi9gKhf1VDpttA+01Wlyt8d6oZWtbmMD2T5cugc7REQ.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@10.0.0.124\'s password:

Number of key(s) added: 1

Now try logging into the machine, with: "ssh \'root@10.0.0.124\'"
and check to make sure that only the key(s) you wanted were added.

root@server:~# ll .ssh/
total 8
drwx------ 2 root root 48 Aug 24 02:16 ./
drwx------ 5 root root 266 Aug 24 09:29 ../
-rw------- 1 root root 393 Aug 24 09:48 authorized_keys

root@server:~# cat .ssh/authorized_keys
ssh-rsa
AAAAB3NzaC1yc2EAAAADAQABAAABAQDIWwhtsNIutQw/SXcypTOS+HBYAm23zGbSok45l+Epd
ooiXTlOpBTW/QvJXzavZBkim8V3UbSxo9NZY5kWORPdlzZQ8lGBKRDAg4e4g6uQmzR96oVhac
2hgosXhUpF4Jtzea/3bLwgMHwfK2SY8HDbZGJkgaUscM5ljv8oQ66+JfEcRxTqRg/aDxK7Ui2
2eITdOGAo65f6lhYYK+nLNlYzhPm9sukAsYPPzU3ODexzq5nztlXY+UlL1xSE8svMxbWDzAZU
YlegmpwZmUiPfNeRdsPizr65Fo2GLsNh0AThryeAgBGxXBNo9YhzB4dmvcEeC6om5tI18vp6C
+WNryIL
root@client

#验证
root@client:~# ssh 10.0.0.124
Welcome to Ubuntu 18.04.5 LTS (GNU/Linux 4.15.0-154-generic x86_64)

77 packages can be updated.
1 update is a security update.

New release \'20.04.2 LTS\' available.
Run \'do-release-upgrade\' to upgrade to it.

Last login: Tue Aug 24 09:50:42 2021 from 10.0.0.164
root@server:~#

以上是关于ssh客户端命令的主要内容,如果未能解决你的问题,请参考以下文章

ssh 命令怎么用?

ssh客户端命令

?在Ubuntu系统中使用Git客户端来操作GitHub代码

ssh命令 远程登录

如何以编程方式获取有状态的 ssh shell 会话?

python 模拟 ssh 执行远程命令