Please reprint from the source: http://eksliang.iteye.com/blog/2186931
1. Connect to the remote host
Format: ssh name@remoteserver E.g: ssh [email protected]
2. Connect to the port specified by the remote host
Format: ssh name@remoteserver -p 22 E.g: ssh [email protected] -p 1066
3. Run remote shell commands via SSH
Format: ssh -l name remoteserver 'commond' E.g: ssh -l root 192.168.27.211 'ifconfig'
Fourth, the combined use of ssh and cat
Format: ssh name@remoteserver cat remote file >> local file For example: redirect the remote id_rsa.pub data stream to the local ~/.ssh/authorized_keys file ssh aa@localhost cat /home/aa/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
Fifth, modify the SSH listening port
By default, SSH listens for connections on port 22. An attacker can use port scanning software to see if the host is running an SSH service. Changing the SSH port to a port greater than 1024 is a wise choice, because most port scanning software (including nmap) does not scan high-order ports by default. Open the /etc/ssh/sshd_config file and look for a line like this:
Port 22
Remove the # sign in front of the line, then modify the port number and restart the SSH service
/etc/init.d/sshd restart or service sshd restart
6. Prohibit root user login
Under normal circumstances, it is not necessary to log in to the remote host directly with the root user. Since the root user has super authority, this will bring security risks. Therefore, we generally log in as a common user, and then switch to the root user when we need to manage the remote host. Down. Open the /etc/ssh/sshd_config file and look for a line like this:
#PermitRootLogin yes
Remove the # sign, then change yes to no, restart the ssh service, so that the root user can be prohibited from logging in.