Network is attacked, in many cases due to the Telnet server provides services caused. Indeed, for UNIX systems, if you want to remotely manage it, be sure to use a remote terminal, and to use the remote terminals, natural to start the Telnet service on the server. But the Telnet service has a fatal weakness - it is transmitted in clear text user name and password, so it is easy to steal passwords by people with ulterior motives. At present, an effective instead of Telnet service is a useful tool for SSH service. When the SSH client and server-side communications, the user name and password are encrypted, effectively prevent eavesdropping of passwords. This article to tell you about the use of common operating systems running on the SSH server package.
First, SSH package consists of two parts, one part is server-side software package, and the other part is the client package. For UNIX, Linux system, the two packages are packaged separately in two different files. In Windows 9x / NT / 2000, also divided into two parts, the difference is that the server package can only run on more than 2000 Server version of Windows NT and Windows, while SSH client can run on all Windows systems . In addition, SSH is also divided into two versions of SSH1 and SSH2, SSH1 is a completely free package, while SSH2 will have to pay at the time of commercial use. Also known by its name is the first version of SSH1, SSH2 its function is not powerful, but because it is free, so widely used in many sites. SSH2 added a lot of features, and is compatible with SSH1 servers, can provide a good SSH1 client service support of. So, if your system is installed SSH2, there is no need to install SSH1 packages.
UNIX / Linux installation steps under SSH2
1. Download the package, download address www.ssh.com, download the latest package SSH2, to download the best source packages themselves to compile.
2. Extract and install:
# tar -zxvf ssh2-2.4.0.tar.gz
# cd ssh2-2.4.0
# ./configure
# make
#make install
The installation is complete. This process will actually server and client software packages installed together, without having to install client software package again. Compiled binary packages stored in the directory ftp://ftp.ssh.com/pub/ssh/rpm in rpm format. It is a software package used for non-commercial users, the package name is: ssh-2.4.0-1.i386.rpm, which includes support for X Window, and the other does not support the X Window packages for the ssh- .0-1nox.i386.rpm, can be installed directly after downloading. SSH2 package installer will install in / usr / local / bin and / usr / local / sbin.
SSH is installed on Windows NT
Under NT and Windows 2000 Server environment, the alternative server software: Vshell, ssh2-2.4.0.win-server. Vshell is a can provide SSH2 server provided by Van Dyke in Windows NT / 2000 environment package, download the following address: //www.vandyke.com/download/index.html. Another run in the Windows environment SSH server is SSHWinServer.exe, can be downloaded directly from the ftp://ftp.ssh.com/pub/ssh directory.
Installation under Windows environment is very simple, this will not introduce more.
And UNIX is different in the Windows environment, you need to install the server and client packages respectively. Running on the client software under Windows environment, you can also be downloaded from the above two sites, file names were SecureCRT and SSHWin-2.4.0-pl2.
Preparatory work on key
A. server-side generated user's own public key encryption key and open to the public use. In the UNIX environment, the method of key generation is as follows:
It requires users to enter a long string of authentication, the function of this string with the password quite, but it longer, typically less than 20 characters. Re-input the same input string to confirm correct, then, the system generates a pair of keys and a public key. Copy to the local public key, so that the client sent from the server to decrypt the information with. Of course, if you do not copy, the first time you log in, the server's public key will automatically push it to the client, so the client can the information provided by the server to decrypt identification.
B. The client generates the user key and public key encryption. Methods clients to generate their own key and the public key of the same server. And some support SSH client software under Windows environment using the method of their own generation, the specific circumstances vary, but it is certain that all support SSH clients can and must generate. To sshWin2.4 example as follows:
Open the menu: Edit → Settings → Globe settings → User keys → Generate New keypairs, follow the prompts to automatically generate a new key and public key pair.
Finally, copy the public key generated by the client to the host server's user directory (under UNIX should /home/usrname/.ssh2 directory). Different versions of the SSH public key has special requirements and file name of the key, specific situation, please read the installation instructions in the package.
Start SSH server
In the UNIX / Linux environment, the server program placed in / usr / local / sbin next directory, start as follows:
# sshd
# Ps x
We can see that SSHD already started. If you do not want to restart the system each time, to be run manually start the SSHD, you can write your own script, placed in the init.d directory, so that the system starts, automatically start the implementation of SSHD service work. Or add the line / usr / local / sbin / sshd may be directly in the rc.local. Windows NT start SSH2 Server / 2000 /, run the program group can start SSH2 Server.
Using SSH
Client in UNIX / Linux system is SSH, stored in / usr / local / bin directory. There SSH1, SSH2, scp and other client tools, log on the remote host using SSH as follows:
host.ip.of.remote
As with as Telnet, except that requires users to enter authentication string, the string if the authentication by the authentication, the users log on to be successful; if unsuccessful, then the system is to require the user to enter a password. After the password authentication is successful, the user can successfully log into the system. From the use of perspective, and Telnet is no different. And have SSH client software, if you want to upload files, do the same to open an FTP window to the past, again certified, and then upload the file. Use scp SSH client that comes with tools, you can directly upload files to a remote server. Use as follows:
host1:dir/filename host2:/home/abc/filename
In Windows system, available SSH clients have: SecurCRT, namely the support of SSH version of CRT (Download: //www.vandyke.com/), which is a very good support for SSH remote terminal, it supports both SSH1 and SSH2. Users can freely choose the server, it supports the appropriate standards. Another alternative is to provide ssh.com client, download address: ftp: //ftp.ssh.com/pub/ssh/SSHWin-2.4.0-pl2.exe, this is a new version of the SSH2 client . In addition, support SSH FTP client tool, in which there is a sshwin-2.4 SSH Secure File Transfer ient, it can be used to transfer files between the two host encryption. That is the function of scp. With SecureCRT's also a corresponding support SSH of FTP tools, its name is: SecureFX, you can download from www.vandyke.com/.
For various reasons, some to support the GUI SSH client will not necessarily be well supported above each server, you can combine these tools on their own, find their own tools. In general, under the UNIX client support for various server is the best. Usually in the choice of server and client software, the best choice for the same software vendor's product, so as not to incompatibility issues.
It should be added that, if you only want to use SSH2 do not want to pay, then a choice of free software is Openssh, it is a package agreement to comply with GPL, also supports SSH1 and SSH2 standard, is another widely used SSH package (available for download from www.openssh.com). The latest version Openssh is Openssh- 2.5.1, provides full source code. However, before compilation, should carefully read its documentation. Compilation process to use the zlib and openssl two packages, users first need to download and install them, and then after compiling openssh. Specific process, please read the install files in the package.
Reproduced in: https: //www.cnblogs.com/licheng/archive/2008/07/26/1251859.html