1 ssh
ssh generally connected to the server, the authentication password authentication and key ways may be used.
1.1 password authentication
Ssh can be used directly:
ssh [email protected]
username is a user name, followed by the public network ip.
If you need to use a specific port login, plus p parameters, such as using port 12345:
ssh -p 12345 [email protected]
1.2 Key Authentication
Mr. Key Authentication need to key, and then use the public key scp uploaded to the server, and then modify the ssh server's configuration file.
1.2.1 Key generation
ssh-keygen -t rsa -b 4096 -C "email" -f /xxx/id_rsa
t represents an encryption algorithm, b specified number, C represents a comment, to identify the key, typically with a mailbox can. f represents the generated private key file location (need to add the file name), the public key will be placed in the same folder.
1.2.2 upload public key
Scp uploaded to the server using the public key, pay attention to is the public key, ssh-keygen will generate a public key and private key file pub at the end of the public key is the default call id_rsa.pub.
scp /xxxx/id_rsa.pub [email protected]:/root/
Here directly into the / root on the server.
1.2.3 modify the configuration file ssh
First use ssh password authentication server log, and then modify / etc / ssh / sshd_config:
cd /etc/ssh
cp sshd_config sshd_config.bak
vim sshd_config
PubKeyAuthentication find this line, to read as follows:
If you need to modify the port, search Port, directly modify:
Then restart sshd service:
systemctl restart sshd
1.2.4 Test Connection
ssh -i /xxx/id_rsa -p port [email protected]
Where i is the position of the private key, p modified parameters if the default port (22) is necessary to add custom port.
If the private key is generated on the windows, there may be a problem:
here prompted the private key permissions are 755, that is, other users read, modify 600:
chmod 600 /xxx/id_rsa
If you are using wsl may modify fail, need to add wsl configuration, modify /etc/wsl.conf (if not new)
vim /etc/wsl.conf
Input:
[automount]
enabled = true
options = "metadata,umask=22,fmask=11"
mountFsTab = false
Exit wsl restart, and then modify permissions, should be no problem.
2 scp
scp is an acronym for secure copy, usually from a server to download files or upload files to the server, ssh and similar, can use password authentication or authentication key or the specified port.
2.1 Upload files (folder) to the server
scp localFile [email protected]:/xxxx
scp -r localDir [email protected]:/xxx
The above is the password authentication methods, please add i key authentication parameter specifying the private key location:
scp localFile [email protected]:/xxx
scp -i /xxx/id_rsa -r localDir [email protected]:/xxxx
Please add P requires specific port parameters (note the uppercase, lowercase p ssh port parameters are not)
scp -i /xxx/id_rsa -P xx localFile [email protected]
2.2 from the server to download the file (folder)
scp [email protected]:/xxx /localDir
scp -r [email protected]:/xxx /localDir
The first is to download the file, the second is the download folder, you need to add r parameter.
Similarly, add i-key authentication parameters, which ports parameters P:
scp -i /xxx/id_rsa -P xx [email protected]:/xxx /localDir
scp -i /xxx/id_rsa -P xx -r [email protected]:/xxx /localDir