linux远程控制
挂载光驱:mount /dev/cdrom /mnt
ssh服务端:
yum -y install openssh openssh-clients
重启ssh服务,设置下次启动生效
systemctl restart sshd
systemctl enable sshd
ssh
22
连接协议、用户认证协议、传输协议
对称加密
基于密码认证
基于密钥认证
版本协商阶段
密钥和算法的协商
认证
会话请求
交互会话
sftp
put 先写客户端文件 服务端目录
get 服务端文件 客户端目录
scp 客户端文件 用户@服务器ip:服务器目录
scp 用户@服务器ip:服务器文件 客户端目录
ssh 用户名@服务器的IP
[root@ws ~]# ssh root@192.168.110.20
root@192.168.110.20's password:
Last login: Mon Jul 28 18:16:08 2025 from 192.168.110.10
[root@ws2 ~]#
能不能ssh远程控制
[root@ws ~]# cd /etc/ssh/
[root@ws ssh]# ls
moduli ssh_host_ecdsa_key ssh_host_ed25519_key.pub
ssh_config 服务端 ssh_host_ecdsa_key.pub ssh_host_rsa_key
sshd_config 客户端 ssh_host_ed25519_key ssh_host_rsa_key.pub
[root@ws ssh]# vim sshd_config
基于密钥验证
在客户端:
生成公钥和私钥
ssh-keygen
[root@ws ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): //密钥默认在/root/.ssh/id_rsa
Enter passphrase (empty for no passphrase): // 可以设置密码为空 为空登录不需要密码
Enter same passphrase again: //确认密码
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:AUxTGMufgUx1uxfGrGo6PTQEcCnfFcIhvL/TML9m5dE root@ws.example.com
The key's randomart image is:
+---[RSA 2048]----+
| .=OB=.o. |
| .=**.o.+ |
| o=+o.. = |
| o.o+ + . |
| oS o .. |
| *. .o E |
| ooB o . |
| .o= = . |
| .. =.. |
+----[SHA256]-----+
[root@ws ~]# cd .ssh/
[root@ws .ssh]# ls
id_rsa 私钥 id_rsa.pub 公钥 known_hosts
上传公钥到服务器端
ssh-cpoy-id -i ~/.ssh/id_rsa.pub root@192.168.110.20
[root@ws .ssh]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.110.20
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.110.20's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@192.168.110.20'"
and check to make sure that only the key(s) you wanted were added.
服务段验证有没有公钥
[root@ws2 ~]# ls -a
. .bash_profile .dbus .ssh 视频 桌面
.. .bashrc .esd_auth .tcshrc 图片
anaconda-ks.cfg .cache .ICEauthority .viminfo 文档
.bash_history .config initial-setup-ks.cfg 公共 下载
.bash_logout .cshrc .local 模板 音乐
[root@ws2 ~]# cd .ssh/
[root@ws2 .ssh]# ls
authorized_keys
[root@ws ~]# ssh root@192.168.110.20
Last login: Mon Jul 28 18:19:26 2025 from 192.168.110.10
[root@ws2 ~]#
ws1登录到ws2无需密码
必须是用户与用户之间
客户端:
ssh root@192.168.110.20 —不能上传、下载
sftp root@192.168.110.20 --可以上传、下载—put上传、get下载
scp /tmp/aa root@192.168.110.20:/var 上传
[root@ws1 ~]# sftp root@192.168.110.20
The authenticity of host '192.168.110.20 (192.168.110.20)' can't be established.
ECDSA key fingerprint is SHA256:ns26rOoUG181jGScbaJaHhHwWsVuzNSM8JHsnTQoRgg.
ECDSA key fingerprint is MD5:69:c8:73:82:90:f8:0b:71:cb:ce:ae:22:c1:0b:86:ca.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.110.20' (ECDSA) to the list of known hosts.
root@192.168.110.20's password:
Connected to 192.168.110.20.
sftp>
sftp> put a /tmp/
Uploading a to /tmp/a
a 100% 0 0.0KB/s 00:00
[root@ws2 tmp]# ls
a
[root@ws2 tmp]#
已经把ws1上的a文件上传到ws2上的/tmp
scp root@192.168.110.20:/tmp/cc /var 下载
先在ws2上创建aa文件
[root@ws2 tmp]# touch aa
sftp> get /tmp/aa . //.代表当前目录
Fetching /tmp/aa to ./aa
sftp> exit
[root@ws1 ~]# ls
a anaconda-ks.cfg initial-setup-ks.cfg 公共 文档 模板 音乐
aa b 下载 图片 桌面 视频
无需远程登录就可以传文件和下载文件 (仅限于linux与Linux)
[root@ws ~]# scp file1 root@192.168.110.20:/tmp/
file1 100% 0 0.0KB/s 00:00
[root@ws2 tmp]# ls
file1
下载文件
[root@ws2 tmp]# touch file2
[root@ws ~]# scp root@192.168.110.20:/tmp/file2 .
file2 100% 0 0.0KB/s 00:00
[root@ws ~]# ls
anaconda-ks.cfg file2 下载 图片 桌面 视频