RHCE 作业二

发布于:2023-02-12 ⋅ 阅读:(619) ⋅ 点赞:(0)

目录

1.实现ssh免密登录

2.ssh设置只允许student1, student2用户登录

3.http请求方法get和post的区别

4.HTTP状态码,常用的状态码有哪些?

5.HTTP请求报文和响应报文

6.HTTP是如何保持连接状态的


1.实现ssh免密登录

主机client免密登录主机server

(1)保证sshd服务开启

[root@client .ssh]# systemctl start sshd
[root@client .ssh]# systemctl status sshd
● sshd.service - OpenSSH server daemon
   Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor pre>
   Active: active (running) since Tue 2022-07-26 21:02:26 CST; 9min ago

(2)在/root/.ssh/目录下生成一对私钥和公钥

[root@client .ssh]# ssh-keygen -t rsa                     #生成一对私钥和公钥
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):       #默认,回车
Enter passphrase (empty for no passphrase):                    #默认,回车
Enter same passphrase again:                                   #默认,回车
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:/coLWhCCXteokxoqGQEXqZcMBM6QluWORcRrgkE/YsA root@client
The key's randomart image is:
+---[RSA 3072]----+
|X+B*             |
|XE=o   o         |
|+X.*+ + .        |
|++O+.= . .       |
|.o=.+ . S .      |
| + o . .   .     |
|+ .     o   .    |
|.      o o .     |
|      .   +.     |
+----[SHA256]-----+
[root@client .ssh]# ll /root/.ssh
total 8
-rw-------. 1 root root 2602 Jul 26 21:19 id_rsa
-rw-r--r--. 1 root root  565 Jul 26 21:19 id_rsa.pub

(3)将client的公钥写入server的/root/.ssh/authorized_keys文件中

[root@client .ssh]# ssh-copy-id root@192.168.5.128    # 若没有/root/.ssh/authorized_keys文件则会自动创建
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.5.128 (192.168.5.128)' can't be established.
ECDSA key fingerprint is SHA256:DfhFDt2EwYv+iqoMPJSjQ7AcULIMg+o3BDENpQrTioQ.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes    # 输入yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.5.128's password:             # 输入server主机root用户的密码

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@192.168.5.128'"
and check to make sure that only the key(s) you wanted were added.

(4)在client登录server主机——无需输入密码,实现免密登录

[root@client .ssh]# ssh 192.168.5.128
Activate the web console with: systemctl enable --now cockpit.socket

This system is not registered to Red Hat Insights. See https://cloud.redhat.com/
To register this system, run: insights-client --register

Last login: Tue Jul 26 21:06:12 2022 from 192.168.5.1
[root@server ~]# 
[root@server ~]# ll /root/.ssh
total 4
-rw------- 1 root root 565 Jul 26 21:26 authorized_keys

2.ssh设置只允许student1, student2用户登录

(1)创建student1、student2用户

[root@server ssh]# useradd student1 -p redhat
[root@server ssh]# useradd student2 -p redhat

(2)修改配置文件/etc/ssh/sshd_config

[root@server ssh]# vim sshd_config 
…………
# Example of overriding settings on a per-user basis
#Match User anoncvs
#       X11Forwarding no
#       AllowTcpForwarding no
#       PermitTTY no
#       ForceCommand cvs server
AllowUsers student1 student2        #在最后一行添加此内容

(3)重启sshd服务

[root@server ssh]# systemctl restart sshd

(4)登录测试

[C:\~]$ ssh student1@192.168.5.128            #登录成功


Connecting to 192.168.5.128:22...
Connection established.
To escape to local shell, press 'Ctrl+Alt+]'.

Activate the web console with: systemctl enable --now cockpit.socket

This system is not registered to Red Hat Insights. See https://cloud.redhat.com/
To register this system, run: insights-client --register

Last failed login: Tue Jul 26 21:49:08 CST 2022 from 192.168.5.1 on ssh:notty
There were 8 failed login attempts since the last successful login.
/usr/bin/xauth:  file /home/student1/.Xauthority does not exist
[student1@server ~]$ 
[C:\~]$ ssh student2@192.168.5.128                #登录成功


Connecting to 192.168.5.128:22...
Connection established.
To escape to local shell, press 'Ctrl+Alt+]'.

Activate the web console with: systemctl enable --now cockpit.socket

This system is not registered to Red Hat Insights. See https://cloud.redhat.com/
To register this system, run: insights-client --register

/usr/bin/xauth:  file /home/student2/.Xauthority does not exist
[student2@server ~]$ 
[C:\~]$ ssh redhat@192.168.5.128                    #其他用户如redhat无法登录


Connecting to 192.168.5.128:22...
Connection established.
To escape to local shell, press 'Ctrl+Alt+]'.
Connection closing...Socket close.

Connection closed by foreign host.

Disconnected from remote host(192.168.5.128:22) at 21:57:32.

Type `help' to learn how to use Xshell prompt.

[C:\~]$ ssh root@192.168.5.128                    #就连root用户也无法登录


Connecting to 192.168.5.128:22...
Connection established.
To escape to local shell, press 'Ctrl+Alt+]'.
Connection closing...Socket close.

Connection closed by foreign host.

Disconnected from remote host(192.168.5.128:22) at 21:56:06.

Type `help' to learn how to use Xshell prompt.

3.http请求方法get和post的区别

GET 方法:一般情况下,只从服务器获取数据下来,并不会对服务器资源产生任何影响的时候会使用get请求

POST 方法:向服务器发送数据(登录)、上传文件等,会对服务器资源产生影响的时候会使用post请求。

4.HTTP状态码,常用的状态码有哪些?

  • 状态代码:由三位数字组成,第一个数字定义了响应的类别,且有五种可能取值。

    • 1xx:指示信息 —— 表示请求已接收,继续处理

    • 2xx:成功 —— 表示请求已被成功接收、理解、接受

    • 3xx:重定向 —— 要完成请求必须进行更进一步的操作

    • 4xx:客户端错误 —— 请求有语法错误或请求无法实现

    • 5xx:服务器端错误 —— 服务器未能实现合法的请求

  • 常见状态代码、状态描述的说明如下:

    • 200 OK:客户端请求成功

    • 400 Bad Request:客户端请求有语法错误,不能被服务器所理解

    • 401 Unauthorized:请求未经授权,这个状态代码必须和 WWW-Authenticate 报头域一起使用

    • 403 Forbidden:服务器收到请求,但是拒绝提供服务

    • 404 Not Found:请求资源不存在,举个例子:输入了错误的URL

    • 500 Internal Server Error:服务器发生不可预期的错误

    • 503 Server Unavailable:服务器当前不能处理客户端的请求,一段时间后可能恢复正常

5.HTTP请求报文和响应报文

  • http请求报文:http请求报文由请求行、请求头部、空行和请求报文主体几个部分组成:

  • http响应报文:http响应报文由起始行、响应头部、空行和响应报文主体这几个部分组成:

6.HTTP是如何保持连接状态的

可以通过cookie和session来跟踪会话

  • cookie:一个HTTP cookie的(网络Cookie,浏览器cookie)是一小片数据的一个服务器发送到用户的网络浏览器。浏览器可以存储它并将其与下一个请求一起发送回同一服务器。通常,它用于判断两个请求是否来自同一个浏览器

  • session:客户端请求服务端,服务端(Tomcat)会为这次请求开辟一块内存空间,这个对象便是Session对象, 存储结构为ConcurrentHashMap。

  • 会话跟踪:用 Cookie 来实现Session跟踪的,第一次创建Session的时候,服务端会在HTTP协议中告诉客户端,需要在 Cookie 里面记录一个Session ID,以后每次请求把这个会话ID发送到服务器,我就知道你是谁了。