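L70. Linux command of the day -- Chapter 10: Linux network management commands -- nc and ssh

10.13 nc: a multi-purpose network tool

10.13.1 Command details

【Command rating】 ★★★★☆

【Function】

nc is a simple, reliable and powerful network tool. It can establish TCP connections, send UDP packets, listen on arbitrary TCP and UDP ports, perform port scans, and handle both IPv4 and IPv6 packets.

If the system does not have the nc command, install it manually with yum -y install nc.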

[root@centos6 ~]# rpm -q nc
nc-1.84-24.el6.x86_64	#nc version number

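【Syntax】

nc [option]

**Note:** in the nc command and the options that follow it, elements must be separated by at least one space.

【Options】

Table 10-13 describes the options of this command.

Table 10-13 Options of the nc command and their descriptions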


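10.13.2 Usage examples

【Environment preparation】

The tests that follow involve the network, so the environment has to be prepared first: the firewall and SELinux need to be turned off.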

[root@centos6 ~]# /etc/init.d/iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination         
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED 
2    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           
3    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
4    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22 
5    REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited 

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination         
1    REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited 

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination         

[root@centos6 ~]# /etc/init.d/iptables stop  
iptables: Setting chains to policy ACCEPT: filter          [  OK  ]
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Unloading modules:                               [  OK  ]
[root@centos6 ~]# /etc/init.d/iptables status
iptables: Firewall is not running.
[root@centos6 ~]# getenforce
Disabled

#Stop the firewall: /etc/init.d/iptables stop
#Turn off SELinux: setenforce 0

**Example 10-42:** Simulate a TCP connection and transfer text content (remote file copy).

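[root@centos6 ~]# nc -l 12345 >neteagle.nc	#listen on port 12345 and write the received data to neteagle.nc.
#After the command above is run, the current window hangs.
#Open a new window to run the next commands.
[root@centos6 ~]# netstat -lntup |grep 12345	#first check port 12345.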
tcp        0      0 0.0.0.0:12345               0.0.0.0:*                   LISTEN      2911/nc 
[root@centos6 ~]# cat >neteagle.log<<EOF	#the file to be sent.
> 6.8.0
> EOF
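[root@centos6 ~]# nc 10.0.0.202 12345 <neteagle.log	#use nc to send the file neteagle.log to port 12345 on host 10.0.0.202.
[root@centos6 ~]# netstat -lntup |grep 12345	#nc exits automatically once the data has been transferred.
#Go back to the first window and check the result.
[root@centos6 ~]# cat neteagle.nc
6.8.0

**Example 10-43:** A simple web server simulated with a shell script.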

[root@centos6 ~]# cat >test.txt<<EOF
> welcome to my blog. http://www.neteagles.cn
> if you like my blog's contents,pls support me.
> bye! boys and girls.
> EOF
[root@centos6 ~]# vim web.sh
#!/bin/bash
while true	#use a while loop to keep the service running.
        do
                nc -l 80 <test.txt	#keep listening on port 80; test.txt is the content sent to the user.
done
:wq
[root@centos6 ~]# sh web.sh &>/dev/null &	#run the script in the background.
[4] 31099
[root@centos6 ~]# netstat -lntup |grep 80
tcp        0      0 0.0.0.0:80                  0.0.0.0:*                   LISTEN      31105/nc            
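[root@centos6 ~]# curl 127.0.0.1	#access it with curl and get the following content.
welcome to my blog. http://www.neteagles.cn
if you like my blog's contents,pls support me.
bye! boys and girls.

**Example 10-44:** Connecting to an HTTP server by hand.

To diagnose network connection problems, it is often necessary to walk through the whole connection to the server by hand; with nc this manual connection to an HTTP server is easy to make: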
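
An added example, not part of the original tutorial: a hand-built HTTP/1.1 request piped through nc, with the status line pulled out of the reply. The function names are hypothetical, and the -w 5 timeout is a choice made here.

```shell
#!/bin/sh
# Added example: talk HTTP to a server by hand through nc.
# Function names are hypothetical; nothing touches the network until
# http_probe is called.

# Build a minimal HTTP/1.1 request: every line ends in CRLF, the header
# block ends with an empty line, and "Connection: close" makes the server
# hang up after replying so that nc exits on its own.
http_request() {   # usage: http_request HOST PATH
    printf 'GET %s HTTP/1.1\r\nHost: %s\r\nConnection: close\r\n\r\n' "$2" "$1"
}

# Print the status code from the first line of a raw reply on stdin.
# Prints nothing when the reply has no status line, as with the
# "nc -l 80 <test.txt" server of Example 10-43, which sends only the file.
http_status() {
    awk 'NR == 1 { sub(/\r$/, ""); if ($1 ~ /^HTTP\//) print $2; exit }'
}

# Send the request and show the status line and headers, not the body.
# -w 5 gives up after five seconds of silence instead of hanging.
http_probe() {     # usage: http_probe HOST [PORT] [PATH]
    http_request "$1" "${3:-/}" | nc -w 5 "$1" "${2:-80}" |
        awk '{ sub(/\r$/, "") } /^$/ { exit } { print }'
}

# Typical use against the host from the examples above:
#   http_probe 10.0.0.202 80 /
#   http_request 10.0.0.202 / | nc -w 5 10.0.0.202 80 | http_status
```

An empty result from http_status means the peer answered without an HTTP status line, which is itself a useful diagnostic.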

**Example 10-45:** Port scanning with nc.

[root@centos6 ~]# nc -z 10.0.0.202 20-30	#scan ports 20 to 30 on host 10.0.0.202.
Connection to 10.0.0.202 22 port [tcp/ssh] succeeded!
[root@centos6 ~]# nc -z 10.0.0.202 22  	#the host can be followed by a single port or a range of ports.
Connection to 10.0.0.202 22 port [tcp/ssh] succeeded!
[root@centos6 ~]# nc -z -v 10.0.0.202 20-30	#use the -v option to show the scan in detail.
nc: connect to 10.0.0.202 port 20 (tcp) failed: Connection refused
nc: connect to 10.0.0.202 port 21 (tcp) failed: Connection refused
Connection to 10.0.0.202 22 port [tcp/ssh] succeeded!
nc: connect to 10.0.0.202 port 23 (tcp) failed: Connection refused
nc: connect to 10.0.0.202 port 24 (tcp) failed: Connection refused
nc: connect to 10.0.0.202 port 25 (tcp) failed: Connection refused
nc: connect to 10.0.0.202 port 26 (tcp) failed: Connection refused
nc: connect to 10.0.0.202 port 27 (tcp) failed: Connection refused
nc: connect to 10.0.0.202 port 28 (tcp) failed: Connection refused
nc: connect to 10.0.0.202 port 29 (tcp) failed: Connection refused
nc: connect to 10.0.0.202 port 30 (tcp) failed: Connection refused

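**Example 10-46:** Use the nc command to simulate a QQ chat.

Open two terminal windows to simulate two people chatting.

First run the following command in the first window; once started it hangs, waiting for input:

[root@centos6 ~]# nc -l 12345

Then run the following command in the second window; it also hangs, waiting for input:

[root@centos6 ~]# nc 127.0.0.1 12345	#if the two windows are on different systems, use the IP of the first window's host.

Both windows are now waiting for input. First open a third window and look at the network connection they have established:

[root@centos6 ~]# netstat -ntp |grep nc	#port 12345 is the one nc was told to open; port 44192 was opened at random by the system to talk to port 12345, and it can of course also be specified with the -p option.
tcp        0      0 127.0.0.1:12345             127.0.0.1:44192             ESTABLISHED 101091/nc           
tcp        0      0 127.0.0.1:44192             127.0.0.1:12345             ESTABLISHED 108998/nc 

How do you chat? It is simple: type what you want to say in the first window and press Enter, and the message is sent automatically to the other side (the second window), just like QQ:

[root@centos6 ~]# nc -l 12345
hi,I am neteagle.		#type what you want to say in the first window, then press Enter.

The other side (the second window) likewise just types a reply and presses Enter, and the message is sent to you:

[root@centos6 ~]# nc 127.0.0.1 12345
hi,I am neteagle.	#the second window already shows what was said.
hello,I am younggirl,how do you do?	#speak in the second window; it also shows up back in the first window.
[root@centos6 ~]# nc -l 12345
hi,I am neteagle.
hello,I am younggirl,how do you do?

When you are done chatting, press Ctrl+d to exit normally.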

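10.14 ssh: log in to a remote host securely

10.14.1 Command details

【Command rating】 ★★★★★

【Function】

The ssh command is the client connection tool of the OpenSSH suite. It uses the encrypted SSH protocol to log in to a server remotely and securely and so manage it remotely. On Windows the equivalent tools are Xshell, PuTTY, SecureCRT and others.

【Syntax】

ssh [option] [user@]hostname [command]
ssh [options] [user@][hostname or IP address] [command to run remotely]

Notes:

1) In the ssh command and the options that follow it, elements must be separated by at least one space.

2) If the user is omitted, it defaults to the user running the ssh command.

3) The command to run remotely is optional.

【Options】

Table 10-14 describes the options of this command.

Table 10-14 Options of the ssh command and their descriptions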


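10.14.2 Usage examples

10.14.2.1 Basic examples

**Example 10-47:** Log in to a remote server.

[root@centos7 ~]# ssh 10.0.0.202	#this is the short form of the remote login command, equivalent to ssh -p 22 root@10.0.0.202
#The next four lines are shown only on the first connection to the remote server; later connections do not show them.
The authenticity of host '10.0.0.202 (10.0.0.202)' can't be established.
RSA key fingerprint is SHA256:B0/rcxEB8cPheVkHbtpksluDK/bMZs8+VyQ7huuHkaQ.
RSA key fingerprint is MD5:8d:ed:58:b4:20:d6:fa:e3:03:69:80:9e:fe:b1:48:bb.
Are you sure you want to continue connecting (yes/no)? yes	#type yes.
Warning: Permanently added '10.0.0.202' (RSA) to the list of known hosts.
root@10.0.0.202's password: 	#if the user is omitted, it defaults to the user running the ssh command. Enter the remote server's password 123456 here; the password is not echoed.
#Now we are logged in to the remote server; take a quick look at its IP addresses.
Last login: Sat Oct 31 03:03:44 2020 from 10.0.0.1
[root@centos6 ~]# hostname -I	#show the IP addresses.
10.0.0.202 10.0.0.5 
[root@centos6 ~]# logout	#press Ctrl+d to log out.
Connection to 10.0.0.202 closed.

If you do not want to log in to the remote server as root, you can name the login user explicitly, and you can specify the port at the same time:

[root@centos7 ~]# ssh -p 22 neteagle@10.0.0.202	#log in to the remote server as user neteagle; this user must already exist on the remote server, and -p specifies port 22.
neteagle@10.0.0.202's password: 	#enter the password 123456.
Last login: Sat Oct 17 01:17:02 2020 from 10.0.0.1
[neteagle@centos6 ~]$ pwd	#show the current directory.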
/home/neteagle
[neteagle@centos6 ~]$ logout
Connection to 10.0.0.202 closed.
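
Answering yes at the first-connection prompt in Example 10-47 trusts whatever host key the network delivered, so the fingerprint in the prompt is worth comparing with one read on the server's own console. The check below is an added example, not part of the original tutorial; the function names are hypothetical, and the sample ssh-keygen line (bit count and file path) is constructed around the MD5 fingerprint shown in the prompt.

```shell
#!/bin/sh
# Added example: compare the fingerprint in the ssh first-connection prompt
# with the one read on the server console. Function names are hypothetical.

# Print the fingerprint column of `ssh-keygen -l` output read from stdin.
# OpenSSH older than 6.8 (the 5.3 server in this example) prints a bare
# MD5 hex string; newer versions print SHA256:... or MD5:... as the
# prompt does, so the bare form is given an MD5: prefix.
fingerprints() {
    awk '$2 ~ /^([0-9a-f][0-9a-f]:)+[0-9a-f][0-9a-f]$/ { print "MD5:" $2; next }
         $2 ~ /^(SHA256|MD5):/ { print $2 }'
}

# Succeed only if the fingerprint copied from the prompt ($1) is one of the
# fingerprints on stdin. Exact whole-line match: a prefix is not enough.
prompt_matches() {   # usage: prompt_matches 'MD5:8d:ed:...' <console_output
    fingerprints | grep -Fqx -- "$1"
}

# Constructed sample of what the server console would print for
#   ssh-keygen -lf /etc/ssh/ssh_host_rsa_key.pub
# (fingerprint taken from the prompt above; the bit count is an assumption).
console_sample() {
    echo '2048 8d:ed:58:b4:20:d6:fa:e3:03:69:80:9e:fe:b1:48:bb /etc/ssh/ssh_host_rsa_key.pub (RSA)'
}

# Answer yes only if this succeeds, with $fp pasted from the client prompt
# and the ssh-keygen output read on the server console:
#   ssh-keygen -lf /etc/ssh/ssh_host_rsa_key.pub | prompt_matches "$fp"
```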

**Example 10-48:** Running a command remotely.

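[root@centos7 ~]# ssh 10.0.0.202 "free -h"	#just put the command to run remotely at the end; quoting it is cleaner. Here it shows the memory information of the remote server.
root@10.0.0.202's password: 	#enter the password 123456.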
             total       used       free     shared    buffers     cached
Mem:          979M       309M       670M       240K        18M       177M
-/+ buffers/cache:       113M       866M
Swap:         2.0G         0B       2.0G

10.14.2.2 Production case

**Example 10-49:** Troubleshooting a slow SSH remote connection.

[root@centos7 ~]# ssh -v root@10.0.0.202	#use the -v option to enter debug mode.
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips  26 Jan 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 58: Applying options for *
debug1: Connecting to 10.0.0.202 [10.0.0.202] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.4
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000
debug1: Authenticating to 10.0.0.202:22 as 'root'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: diffie-hellman-group-exchange-sha256
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes128-ctr MAC: [email protected] compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: [email protected] compression: none
debug1: kex: diffie-hellman-group-exchange-sha256 need=16 dh_need=16
debug1: kex: diffie-hellman-group-exchange-sha256 need=16 dh_need=16
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<3072<8192) sent
debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: got SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: ssh-rsa SHA256:B0/rcxEB8cPheVkHbtpksluDK/bMZs8+VyQ7huuHkaQ
debug1: Host '10.0.0.202' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:1
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure.  Minor code may provide more information
No Kerberos credentials available (default cache: KEYRING:persistent:0)

debug1: Unspecified GSS failure.  Minor code may provide more information
No Kerberos credentials available (default cache: KEYRING:persistent:0)

debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/id_rsa
debug1: Trying private key: /root/.ssh/id_dsa
debug1: Trying private key: /root/.ssh/id_ecdsa
debug1: Trying private key: /root/.ssh/id_ed25519
debug1: Next authentication method: password
root@10.0.0.202's password: 	#this is the interactive prompt asking for the password.
debug1: Authentication succeeded (password).
Authenticated to 10.0.0.202 ([10.0.0.202]:22).
debug1: channel 0: new [client-session]
debug1: Requesting [email protected]
debug1: Entering interactive session.
debug1: pledge: network
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
Last login: Sat Oct 31 03:35:13 2020 from 10.0.0.201
#If the remote connection is slow, this output shows where it gets stuck.
[root@centos6 ~]# logout
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype [email protected] reply 0
debug1: channel 0: free: client-session, nchannels 1
Connection to 10.0.0.202 closed.
Transferred: sent 2736, received 2752 bytes, in 164.5 seconds
Bytes per second: sent 16.6, received 16.7
debug1: Exit status 0

[root@centos7 ~]# ssh -v neteagle@10.0.0.202
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips  26 Jan 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 58: Applying options for *
debug1: Connecting to 10.0.0.202 [10.0.0.202] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.4
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000
debug1: Authenticating to 10.0.0.202:22 as 'neteagle'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: diffie-hellman-group-exchange-sha256
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes128-ctr MAC: [email protected] compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: [email protected] compression: none
debug1: kex: diffie-hellman-group-exchange-sha256 need=16 dh_need=16
debug1: kex: diffie-hellman-group-exchange-sha256 need=16 dh_need=16
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<3072<8192) sent
debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: got SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: ssh-rsa SHA256:B0/rcxEB8cPheVkHbtpksluDK/bMZs8+VyQ7huuHkaQ
debug1: Host '10.0.0.202' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:1
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure.  Minor code may provide more information
No Kerberos credentials available (default cache: KEYRING:persistent:0)

debug1: Unspecified GSS failure.  Minor code may provide more information
No Kerberos credentials available (default cache: KEYRING:persistent:0)

debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/id_rsa
debug1: Trying private key: /root/.ssh/id_dsa
debug1: Trying private key: /root/.ssh/id_ecdsa
debug1: Trying private key: /root/.ssh/id_ed25519
debug1: Next authentication method: password
neteagle@10.0.0.202's password: 
debug1: Authentication succeeded (password).
Authenticated to 10.0.0.202 ([10.0.0.202]:22).
debug1: channel 0: new [client-session]
debug1: Requesting [email protected]
debug1: Entering interactive session.
debug1: pledge: network
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
Last login: Sat Oct 31 03:39:58 2020 from 10.0.0.201
[neteagle@centos6 ~]$ debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype [email protected] reply 0
logout
debug1: channel 0: free: client-session, nchannels 1
Connection to 10.0.0.202 closed.
Transferred: sent 2736, received 2752 bytes, in 18.5 seconds
Bytes per second: sent 148.1, received 149.0
debug1: Exit status 0
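
To see where a slow login stalls without watching the screen, each debug line can be stamped with its arrival time and the longest pause reported. This is an added example, not part of the original tutorial: the function names are hypothetical and the sample log is constructed, with a pause placed after the gssapi-with-mic step purely for illustration.

```shell
#!/bin/sh
# Added example: find the step at which a slow "ssh -v" login stalls.
# Function names are hypothetical.

# Prefix every line read from stdin with the epoch second it arrived.
stamp() {
    while IFS= read -r line; do
        printf '%s %s\n' "$(date +%s)" "$line"
    done
}

# From stamped lines, report the longest pause and the line printed just
# before it, i.e. the step ssh was working on while nothing appeared.
slowest_step() {
    awk 'NR > 1 && $1 - prev_t > gap { gap = $1 - prev_t; at = prev_l }
         { prev_t = $1; prev_l = substr($0, index($0, " ") + 1) }
         END { printf "%ds after: %s\n", gap, at }'
}

# Constructed sample of stamped output (not taken from a real session).
sample_log() {
    cat <<'EOF'
1604086800 debug1: Connection established.
1604086801 debug1: SSH2_MSG_SERVICE_ACCEPT received
1604086801 debug1: Next authentication method: gssapi-with-mic
1604086811 debug1: Next authentication method: publickey
1604086811 debug1: Next authentication method: password
EOF
}

# Live use: debug output goes to stderr, hence 2>&1. BatchMode=yes keeps ssh
# from waiting at a password prompt, which would otherwise count as a pause.
#   ssh -v -o BatchMode=yes root@10.0.0.202 true 2>&1 | stamp | slowest_step
```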


Reposted from blog.csdn.net/qq_25599925/article/details/126202987