1、查看SSH是否安装。
输入命令:rpm -qa | grep ssh
注:若没安装SSH则可输入:yum install openssh-server安装。
[root@skycloud-1 ~]# rpm -qa | grep ssh
openssh-server-7.4p1-16.el7.x86_64
libssh2-1.4.3-12.el7_6.3.x86_64
openssh-7.4p1-16.el7.x86_64
openssh-clients-7.4p1-16.el7.x86_64
[root@skycloud-1 ~]#
2、启动SSH服务。
输入命令:systemctl restart sshd 重启SSH服务。
命令:systemctl start sshd 启动服务 | 命令:systemctl stop sshd 停止服务
重启后可输入:netstat -antp | grep sshd 查看是否启动22端口(可略)。
[root@skycloud-1 ~]# systemctl restart sshd
[root@skycloud-1 ~]#
3、如何设置SSH服务为开机启动?
输入命令:systemctl enable sshd 即可。
注:若是systemctl disable sshd 则禁止SSH开机启动。
[root@skycloud-1 ~]# systemctl enable sshd
[root@skycloud-1 ~]#
在生产环境中,通过私钥来登录linux是最安全的,登录方法如下:
在客户端节点(Linux或macos系统)
[root@bogon tmp]# chmod 400 skycloud.pem
[root@bogon tmp]# ssh -i skycloud.pem [email protected]
The authenticity of host '47.156.22.98 (47.156.22.98)' can't be established.
ECDSA key fingerprint is SHA256:bsqhV1RxWy+TPwSqTRdgxeyIorK1qEqazkPH3/V8kTE.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '47.156.22.98' (ECDSA) to the list of known hosts.
Last login: Thu Feb 27 05:06:22 2020 from 73.29.30.35
[centos@skycloud-1 ~]$
对于(非金融相关的)普通小企业来说,实用普通的账户密码即可满足安全需求
vim /etc/ssh/sshd_config 保证下面两个配置是如下设置
#允许使用密码登录
PasswordAuthentication yes
#允许root认证登录
PermitRootLogin yes
2、重启sshd
systemctl restart sshd
3、设置免密登录
ssh-kengen
ssh-copy-id -i .ssh/id_rsa.pub [email protected]