ssh客户端命令

Posted 2021-08-25 江神神神神

tags:

篇首语：本文由小常识网(cha138.com)小编为大家整理，主要介绍了ssh客户端命令相关的知识，希望对你有一定的参考价值。

1、ssh常用参数、用法

ssh命令是ssh客户端，允许实现对远程系统经验证地加密安全访问
当用户远程连接ssh服务器时，会复制ssh服务器/etc/ssh/ssh_host*key.pub文件中的公钥到客户机的~/.ssh/know_hosts中。下次连接时，会自动匹配相对应的私钥，不能匹配，将拒绝连接

ssh客户端配置文件：/etc/ssh/ssh_config

主要配置


#StrictHostKeyChecking ask
首次登录不显示检查提示
StrictHostKeyChecking no

IdentityFile ~/.ssh/id_rsa

IdentityFile ~/.ssh/id_dsa

IdentityFile ~/.ssh/id_ecdsa

IdentityFile ~/.ssh/id_ed25519

Port 22

#### 范例：禁止首次连接的询问过程

[root@centos8 ~]# sed -i.bak \'/StrictHostKeyChecking/s/.*/StrictHostKeyChecking no/\' /etc/ssh/ssh_config

#### 格式

ssh [user@]host [COMMAND]
ssh [-l user] host [COMMAND]

#### 常见选项

-p port #远程服务器监听的端口
-b #指定连接的源IP
-v #调试模式
-C #压缩方式
-X #支持x11转发
-t #强制伪tty分配，如：ssh -t remoteserver1 ssh -t remoteserver2 ssh remoteserver3
-o option 如：-o StrictHostKeyChecking=no
-i <file> #指定私钥文件路径，实现基于key验证，默认使用文件： ~/.ssh/id_dsa, ~/.ssh/id_ecdsa, ~/.ssh/id_ed25519，~/.ssh/id_rsa等

#### 范例：

[root@centos-8 ~]#ssh -t 10.0.0.150 ssh -t 10.0.0.124 ssh 10.0.0.164
root@10.0.0.150\'s password:
root@10.0.0.124\'s password:
root@10.0.0.164\'s password:
Last login: Tue Aug 24 02:16:39 2021 from 10.0.0.124

#### 范例：远程执行命令

[root@centos-8 ~]#ssh 10.0.0.124 "sed -i.bak \'/StrictHostKeyChecking/s/.*/StrictHostKeyChecking no/\' /etc/ssh/ssh_config"
root@10.0.0.124\'s password:

#### 范例：在远程主机运行本地shell脚本

[root@centos-8 ~]#hostname -I
10.0.0.150 192.168.122.1
[root@centos-8 ~]#cat test.sh
#!/bin/bash
hostname -I
[root@centos-8 ~]#ssh 10.0.0.124 /bin/bash < test.sh
root@10.0.0.124\'s password:
10.0.0.124 172.17.0.1

#### 1.1 ssh基于密钥的登录方式
ssh-keygen命令常用参数：

-t #指定算法，默认rsa
-p #指定给私钥加密密码
-f #指定生成私钥文件

在客户端生成密钥对

ssh-keygen -t rsa [-P \'password\'] [-f “~/.ssh/id_rsa"]

把公钥文件传输至远程服务器对应用户的家目录

ssh-copy-id [-i [identity_file]] [user@]host

重设私钥口令(对私钥加密)

ssh-keygen -p

#### 范例：
准备两台机器

10.0.0.124 server
10.0.0.164 client

root@client:~# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): #回车，接受默认值
Enter passphrase (empty for no passphrase): #回车，不设置密码
Enter same passphrase again: #回车
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:qYT0Pa/K9MtW3OQlQ6j4BNaNOZDS7RRaj5wRWNYZy7Y root@client
The key\'s randomart image is:
+---[RSA 2048]----+
| ..BBB.+ |
| . =B=.. |
| .o.=+o=. |
| . o..+o .+ . |
| . ooS.E+ + |
| . ..oo o |
| o .. |
| o o.. |
| oo=. |
+----[SHA256]-----+

root@client:~# ll .ssh/
total 8
drwx------ 2 root root 61 Aug 24 09:43 ./
drwx------ 5 root root 227 Aug 24 09:29 ../
-rw------- 1 root root 0 Jul 4 13:35 authorized_keys
-rw------- 1 root root 1679 Aug 24 09:43 id_rsa
-rw-r--r-- 1 root root 393 Aug 24 09:43 id_rsa.pub

root@client:~# cat .ssh/id_rsa.pub
ssh-rsa
AAAAB3NzaC1yc2EAAAADAQABAAABAQDIWwhtsNIutQw/SXcypTOS+HBYAm23zGbSok45l+Epd
ooiXTlOpBTW/QvJXzavZBkim8V3UbSxo9NZY5kWORPdlzZQ8lGBKRDAg4e4g6uQmzR96oVhac
2hgosXhUpF4Jtzea/3bLwgMHwfK2SY8HDbZGJkgaUscM5ljv8oQ66+JfEcRxTqRg/aDxK7Ui2
2eITdOGAo65f6lhYYK+nLNlYzhPm9sukAsYPPzU3ODexzq5nztlXY+UlL1xSE8svMxbWDzAZU
YlegmpwZmUiPfNeRdsPizr65Fo2GLsNh0AThryeAgBGxXBNo9YhzB4dmvcEeC6om5tI18vp6C
+WNryIL
root@client

root@client:~# cat .ssh/id_rsa
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEAyFsIbbDSLrUMP0l3MqUzkvhwWAJtt8xm0qJOOZfhKXaKIl05
TqQU1v0LyV82r2QZIpvFd1G0saPTWWOZFjkT3Zc2UPJRgSkQwIOHuIOrkJs0feqF
YWnNoYKLF4VKReCbc3mv92y8IDB8HytkmPBw22RiZIGlLHDOZY7/KEOuviXxHEcU
6kYP2g8Su1IttniE3ThgKOuX+pYWGCvpyzZWM4T5vbLpALGDz81Nzg3sc6uZ87ZV
2PlJS9cUhPLLzMW1g8wGVGJXoJqcGZlIj3zXkXbD4s6+uRaNhi7DYdAE4a8ngIAR
sVwTaPWIcweHZr3BHguqJubSNfL6egvlja8iCwIDAQABAoIBADnTZExcY11Nrbo6
VufMHGWHxMzx7n7ExMx4QcGHn1nbN6URaO/UlZszL4qwK1VVu5dshAKbF17J3L8I
6u8qDBzBftDAD1wK4SXfEHXlsseqs+y/mj1yTwIVblWch8JBQDyE24+611UnCTvp
x0AI7Vm00F0Xufdom3leWzBg0Hdac01XpXduXsi7u0gyspK+hNmP3sMsMq2lSLEj
ogJJW0E9JICO7vQNOA04riDNDHzrmRri1dCLxtH5jf2RaKtuhZI5QDLonF3DfEbp
3eR55MslgovK1wpQau91SClHl7/K6MnNE/sYH5Z+/hsptH+pcioNoMyYtzJlunS2
N1dZZGkCgYEA5YzhPdcf1a9eZknEeOcUDo0GoWUmVIxz1aO5z5L9Ss5rqQivFO18
TQbaJvY8JGRUngbTBWj8b6RqgPtIUM3fFBVtHWo5ZI3K6rosPm3iSDuiPPCly4Rv
/P83UIvy8ZcMLS1AZYEjKOFBaw+rzZ5a8/b/5Z1g3Y01XHBzKBs7e+8CgYEA33D8
sf1t2PLvhsBuaxHUqpvCfUkYyQBtAqNntMSisu1Xtinq8hEs5w/3scrg2s4k661+
kcaLbarwHbGLwSjJaP8wfsbu1G1KJmlRSJLVgukJtREGvN0XbFMnlNpVTK9c7ilu
BEs8OQimXpEevrs3x0Wb7D5cVzo4nlDU7RD+z6UCgYEAvpATtQjP7s8lKPl4V35O
Ej5VEMst5OasiuDeskmuaNmwWqVQ46i7lh5oIAwupW99J6s2p7keR3hQyj7RK/Oc
i8m1ycOTXbywheiELld+kMSgzMJigO+zIG6m9wEXcCQbAa4dVaa9D4TgkAZ0c8BQ
dVPJ4E6kSYiekdzwXI0u9pUCgYEAoxr3W3aEGTo9X0BZWg9KDsBk2M/jJ9cHvEVM
Dsj7e2GGBZPTzaB8Bq/BQCe4vAB/MwsSuZcVcJi3bvWL7xS28c5WuDS/YpHk7uUy
UKfe9BDo5SPopzU9Q/XvjtlSKwhX7gKQLNI+w+Nsjtugddp0fSJzD6D2BzaY3fhj
dipR14ECgYEAnyYBxHR2uWuevd6hK/RC5oW10ijy6QeZIG9FLiwoFmenM7IHHur0
o712mSTKzgMdCBwUKGGYczZOtupG/pBvZ5CGJqzsBuMGBxSflQKrYcxeh2Jlh9H2
wSbVW04iOZRX2NbSYUe9l1eR/YfJJOR/nIZuLYs8EhbK4axh09ZbbEU=
-----END RSA PRIVATE KEY-----

#把公钥拷贝到服务器端
root@client:~# ssh-copy-id root@10.0.0.124
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host \'10.0.0.124 (10.0.0.124)\' can\'t be established.
ECDSA key fingerprint is SHA256:Zi9gKhf1VDpttA+01Wlyt8d6oZWtbmMD2T5cugc7REQ.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@10.0.0.124\'s password:

Number of key(s) added: 1

Now try logging into the machine, with: "ssh \'root@10.0.0.124\'"
and check to make sure that only the key(s) you wanted were added.

root@server:~# ll .ssh/
total 8
drwx------ 2 root root 48 Aug 24 02:16 ./
drwx------ 5 root root 266 Aug 24 09:29 ../
-rw------- 1 root root 393 Aug 24 09:48 authorized_keys

root@server:~# cat .ssh/authorized_keys
ssh-rsa
AAAAB3NzaC1yc2EAAAADAQABAAABAQDIWwhtsNIutQw/SXcypTOS+HBYAm23zGbSok45l+Epd
ooiXTlOpBTW/QvJXzavZBkim8V3UbSxo9NZY5kWORPdlzZQ8lGBKRDAg4e4g6uQmzR96oVhac
2hgosXhUpF4Jtzea/3bLwgMHwfK2SY8HDbZGJkgaUscM5ljv8oQ66+JfEcRxTqRg/aDxK7Ui2
2eITdOGAo65f6lhYYK+nLNlYzhPm9sukAsYPPzU3ODexzq5nztlXY+UlL1xSE8svMxbWDzAZU
YlegmpwZmUiPfNeRdsPizr65Fo2GLsNh0AThryeAgBGxXBNo9YhzB4dmvcEeC6om5tI18vp6C
+WNryIL
root@client

#验证
root@client:~# ssh 10.0.0.124
Welcome to Ubuntu 18.04.5 LTS (GNU/Linux 4.15.0-154-generic x86_64)

Documentation: https://help.ubuntu.com
Management: https://landscape.canonical.com
Support: https://ubuntu.com/advantage

System information as of Tue Aug 24 09:51:42 UTC 2021

System load: 0.12 Processes: 233
Usage of /: 7.9% of 99.95GB Users logged in: 1
Memory usage: 91% IP address for eth0: 10.0.0.124
Swap usage: 48% IP address for docker0: 172.17.0.1
Super-optimized for small spaces - read how we shrank the memory
footprint of MicroK8s to make it the smallest full K8s around.

https://ubuntu.com/blog/microk8s-memory-optimisation

77 packages can be updated.
1 update is a security update.

New release \'20.04.2 LTS\' available.
Run \'do-release-upgrade\' to upgrade to it.

Last login: Tue Aug 24 09:50:42 2021 from 10.0.0.164
root@server:~#

以上是关于ssh客户端命令的主要内容，如果未能解决你的问题，请参考以下文章

ssh 命令怎么用？

ssh客户端命令

?在Ubuntu系统中使用Git客户端来操作GitHub代码

ssh命令远程登录

如何以编程方式获取有状态的 ssh shell 会话？

python 模拟 ssh 执行远程命令