目录
2.ssh设置只允许student1, student2用户登录
1.实现ssh免密登录
主机client免密登录主机server
(1)保证sshd服务开启
[root@client .ssh]# systemctl start sshd
[root@client .ssh]# systemctl status sshd
● sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor pre>
Active: active (running) since Tue 2022-07-26 21:02:26 CST; 9min ago
(2)在/root/.ssh/目录下生成一对私钥和公钥
[root@client .ssh]# ssh-keygen -t rsa #生成一对私钥和公钥
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): #默认,回车
Enter passphrase (empty for no passphrase): #默认,回车
Enter same passphrase again: #默认,回车
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:/coLWhCCXteokxoqGQEXqZcMBM6QluWORcRrgkE/YsA root@client
The key's randomart image is:
+---[RSA 3072]----+
|X+B* |
|XE=o o |
|+X.*+ + . |
|++O+.= . . |
|.o=.+ . S . |
| + o . . . |
|+ . o . |
|. o o . |
| . +. |
+----[SHA256]-----+
[root@client .ssh]# ll /root/.ssh
total 8
-rw-------. 1 root root 2602 Jul 26 21:19 id_rsa
-rw-r--r--. 1 root root 565 Jul 26 21:19 id_rsa.pub
(3)将client的公钥写入server的/root/.ssh/authorized_keys文件中
[root@client .ssh]# ssh-copy-id root@192.168.5.128 # 若没有/root/.ssh/authorized_keys文件则会自动创建
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.5.128 (192.168.5.128)' can't be established.
ECDSA key fingerprint is SHA256:DfhFDt2EwYv+iqoMPJSjQ7AcULIMg+o3BDENpQrTioQ.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes # 输入yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.5.128's password: # 输入server主机root用户的密码
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@192.168.5.128'"
and check to make sure that only the key(s) you wanted were added.
(4)在client登录server主机——无需输入密码,实现免密登录
[root@client .ssh]# ssh 192.168.5.128
Activate the web console with: systemctl enable --now cockpit.socket
This system is not registered to Red Hat Insights. See https://cloud.redhat.com/
To register this system, run: insights-client --register
Last login: Tue Jul 26 21:06:12 2022 from 192.168.5.1
[root@server ~]#
[root@server ~]# ll /root/.ssh
total 4
-rw------- 1 root root 565 Jul 26 21:26 authorized_keys
2.ssh设置只允许student1, student2用户登录
(1)创建student1、student2用户
[root@server ssh]# useradd student1 -p redhat
[root@server ssh]# useradd student2 -p redhat
(2)修改配置文件/etc/ssh/sshd_config
[root@server ssh]# vim sshd_config
…………
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
# PermitTTY no
# ForceCommand cvs server
AllowUsers student1 student2 #在最后一行添加此内容
(3)重启sshd服务
[root@server ssh]# systemctl restart sshd
(4)登录测试
[C:\~]$ ssh student1@192.168.5.128 #登录成功
Connecting to 192.168.5.128:22...
Connection established.
To escape to local shell, press 'Ctrl+Alt+]'.
Activate the web console with: systemctl enable --now cockpit.socket
This system is not registered to Red Hat Insights. See https://cloud.redhat.com/
To register this system, run: insights-client --register
Last failed login: Tue Jul 26 21:49:08 CST 2022 from 192.168.5.1 on ssh:notty
There were 8 failed login attempts since the last successful login.
/usr/bin/xauth: file /home/student1/.Xauthority does not exist
[student1@server ~]$
[C:\~]$ ssh student2@192.168.5.128 #登录成功
Connecting to 192.168.5.128:22...
Connection established.
To escape to local shell, press 'Ctrl+Alt+]'.
Activate the web console with: systemctl enable --now cockpit.socket
This system is not registered to Red Hat Insights. See https://cloud.redhat.com/
To register this system, run: insights-client --register
/usr/bin/xauth: file /home/student2/.Xauthority does not exist
[student2@server ~]$
[C:\~]$ ssh redhat@192.168.5.128 #其他用户如redhat无法登录
Connecting to 192.168.5.128:22...
Connection established.
To escape to local shell, press 'Ctrl+Alt+]'.
Connection closing...Socket close.
Connection closed by foreign host.
Disconnected from remote host(192.168.5.128:22) at 21:57:32.
Type `help' to learn how to use Xshell prompt.
[C:\~]$ ssh root@192.168.5.128 #就连root用户也无法登录
Connecting to 192.168.5.128:22...
Connection established.
To escape to local shell, press 'Ctrl+Alt+]'.
Connection closing...Socket close.
Connection closed by foreign host.
Disconnected from remote host(192.168.5.128:22) at 21:56:06.
Type `help' to learn how to use Xshell prompt.
3.http请求方法get和post的区别
GET 方法:一般情况下,只从服务器获取数据下来,并不会对服务器资源产生任何影响的时候会使用get请求
POST 方法:向服务器发送数据(登录)、上传文件等,会对服务器资源产生影响的时候会使用post请求。
4.HTTP状态码,常用的状态码有哪些?
状态代码:由三位数字组成,第一个数字定义了响应的类别,且有五种可能取值。
1xx:指示信息 —— 表示请求已接收,继续处理
2xx:成功 —— 表示请求已被成功接收、理解、接受
3xx:重定向 —— 要完成请求必须进行更进一步的操作
4xx:客户端错误 —— 请求有语法错误或请求无法实现
5xx:服务器端错误 —— 服务器未能实现合法的请求
常见状态代码、状态描述的说明如下:
200 OK:客户端请求成功
400 Bad Request:客户端请求有语法错误,不能被服务器所理解
401 Unauthorized:请求未经授权,这个状态代码必须和 WWW-Authenticate 报头域一起使用
403 Forbidden:服务器收到请求,但是拒绝提供服务
404 Not Found:请求资源不存在,举个例子:输入了错误的URL
500 Internal Server Error:服务器发生不可预期的错误
503 Server Unavailable:服务器当前不能处理客户端的请求,一段时间后可能恢复正常
5.HTTP请求报文和响应报文
http请求报文:http请求报文由请求行、请求头部、空行和请求报文主体几个部分组成:
http响应报文:http响应报文由起始行、响应头部、空行和响应报文主体这几个部分组成:
6.HTTP是如何保持连接状态的
可以通过cookie和session来跟踪会话
cookie:一个HTTP cookie的(网络Cookie,浏览器cookie)是一小片数据的一个服务器发送到用户的网络浏览器。浏览器可以存储它并将其与下一个请求一起发送回同一服务器。通常,它用于判断两个请求是否来自同一个浏览器
session:客户端请求服务端,服务端(Tomcat)会为这次请求开辟一块内存空间,这个对象便是Session对象, 存储结构为ConcurrentHashMap。
会话跟踪:用 Cookie 来实现Session跟踪的,第一次创建Session的时候,服务端会在HTTP协议中告诉客户端,需要在 Cookie 里面记录一个Session ID,以后每次请求把这个会话ID发送到服务器,我就知道你是谁了。