SSH connection
Basic Commands
ssh [ user] @[ remote address] < -p [ port] >
ssh [ user] @[ remote address] < command>
ssh [ user] @[ remote address] 'bash -s' < name.sh
cat name.ssh | ssh [ user] @[ remote address]
ssh -t sever1 -t ssh server2 -t ssh server3
sudo netstat -anp | grep ESTABLISHED | grep ssh | awk '{print $ 5}'
Configuring SSH connection
apt update && sudo apt install -y openssh-server
ssh-keygen
cd ~/.ssh; ls
ssh-copy-id [ user] @[ remote address]
ssh [ user] @[ remote address] 'mkdir -p .ssh&& cat >> ./ssh/authorized_keys' < ~/.ssh/id_rsa.pub
If the remote host does not support free or login dense root login, you need to modify the configuration
vim /etc/ssh/sshd_config
service sshd restart
systemctl restart sshd
config configuration file
Configure the server alias to avoid each time you log must enter the address and user
Host [ another name]
HostName [ remote address]
User [ user]
Port [ port]
IdentityFile ~/.ssh/id_rsa
File Locations
Located ~/.ssh/config
and /etc/ssh/ssh_config
Scope are current users and global
priority
High to low: Command Line Options> User Configuration> Global Configuration
man ssh_config
View full manual
Host match format
*
Matches all host names.
*.example.com
Matches .example.com the end.
!*.dialup.example.com, *.example.com
With! The beginning is to exclude the meaning.
192.168.0.?
Match 192.168.0. [0-9] of IP
Avoid SSH automatically disconnected when not operated for a long time
Host *
ServerAliveInterval 60
Keep the program running in the background
Sometimes you want to run a long-running program on a remote machine, such as some calculations, and then when you sleep on a nap before signing a remote machine, but did not find any results. This is because once the ssh process exits, all programs before it starts will be killed
You can nohup
still keep the run after the shell exits
You can also tmux
achieve
By http or socks proxy server connection
ssh -o "ProxyCommand nc -X 5 -x <porxy address>:<proxy port> %h %p" < server user> @< server address>
Host *
ProxyCommand nc -X 5 -x < porxy address> :< proxy port> %h %p
nc need to use openbsd version, traditional version does -X parameters
apt install -y netcat-openbsd
sudo update-alternatives --config nc
Select Version
% H which indicates the target address,% p is the target port
-X
Designated agency agreement
5
It is socks5
4
It is socks4
connect
Is http
-x
Designated proxy address [: Port]
If no port is specified, port commonly employed protocol
HTTP protocol port 3128
SOCKS5 protocol port 1080
Note: Do not use nc handle the HTTP protocol, there are bug, replaced with corkscrew
Host *
ProxyCommand corkscrew < porxy address> < proxy port> %h %p
scp
scp -P [ port] /path/to/local/file [ user] @[ remote address] :/path/to/remote/dirctory
scp /path/to/local/file [ another name] :/path/to/remote/dirctory
scp -r [ another name] :path/to/remote/dirctory .
stfp
sftp [ user] @[ remote address] < -P [ port] >
> get /path/remote_file
> put local_file
> ls
> pwd
> exit
> cd < path>