zhangdizhangdi

Linux

ssh 登录

密码登录

bash
# local端操作
$ ssh username@host

The authenticity of host 'host' can't be established.
xxx key fingerprint is SHxxxxxx
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])?  #输入yes

Warning: Permanently added 'host' (key) to the list of known hosts.

$ username@host's password: #输入server密码
#登录成功

server 公钥添加到了 local 的 /Users/username/.ssh/known_hosts

公钥登录

bash
# local端操作,将local公钥拷贝到server
$ ssh-copy-id -i id_rsa.pub username@host

# 输入服务器用户密码
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
username@host's password:  #输入服务器用户密码

Number of key(s) added:        1

Now try logging into the machine, with:   "ssh 'username@host'"
and check to make sure that only the key(s) you wanted were added.

# 可以ssh host直接登录不再要密码

server 用户目录下的 .ssh/authorized_keys 文件中 保存了 local 用户的公钥

ssh 登录时长修改

ssh 服务相关命令

bash
systemctl status sshd.service
systemctl start sshd.service
systemctl restart sshd.service
systemctl enable sshd.service

用户

创建新用户

bash
# server端操作
# root 创建一个新用户
$ useradd username
$ passwd username
# 查看用户
$ vim /etc/passwd

普通用户切换到 root

bash
$ yum install nginx
错误:运行此命令需要管理员特权(多数系统下是root用户)。
$ su -
密码:# root密码
# [root@xxx ~]#

su - 创建一个新的环境,相当于使用 root 用户正常登录 , 退出用 logout

bash
$ su -
[root@xxx ~]# logout
[username@xxx ~]$

su 在切换到 root 用户之后仍然保持 username 的环境,退出用 exit

bash
$ su
[root@xxx username]# logout
bash: logout: 不是登录 shell: 使用 'exit'
[root@xxx username]# exit
exit

sudo 需要输入当前用户的密码

bash
[username@xxx ~]$ sudo vim /etc/sudoers
[sudo] username 的密码:
username 不在 sudoers 文件中。此事将被报告。

登录 root,在 /etc/sudoers 加入

bash
# 'NOPASSWD:' sudo 操作可不用再输入密码
username ALL=(ALL) NOPASSWD: ALL

免密切换到 root

bash
sudo su -

文件(夹)

bash
# 从远程同步文件到本地
scp username@host:/etc/nginx/nginx.conf ~/

# 移动文件
mv /xxxx/nginx.conf /etc/nginx

查看端口

bash
# 查看 tcp,udp 的端口和进程
$ netstat -nultp

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:xxxx            0.0.0.0:*               LISTEN      222222/docker-proxy
tcp        0      0 0.0.0.0:xxxx            0.0.0.0:*               LISTEN      222222/docker-proxy
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1111/sshd
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1111/nginx: master
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      1111/nginx: master
tcp6       0      0 :::22                   :::*                    LISTEN      1111/sshd
udp        0      0 127.0.0.1:323           0.0.0.0:*                           000/chronyd
udp6       0      0 ::1:323                 :::*                                000/chronyd