telnet 服务及抓包 查看

yum install -y telnet-server
systemctl restart telnet.socket
telnet root@10.0.0.61 23

ssh客户端命令

ssh -p22 oldboy@10.0.0.41 whoami

ssh服务端配置文件详解

image.png

[root@m01 ~]# egrep -i  '^port|^permitroot' /etc/ssh/sshd_config
Port 52113
PermitRootLogin no
[root@m01 ~]#  systemctl reload  sshd 
[root@m01 ~]# ss -lntup |grep ssh
tcp    LISTEN     0      128       *:52113                 *:*                   users:(("sshd",pid=7129,fd=3))
tcp    LISTEN     0      128      :::52113                :::*                   users:(("sshd",pid=7129,fd=4))


[root@m01 ~]# grep -in ^listenaddress /etc/ssh/sshd_config
20:ListenAddress 172.16.1.61

案例：多个网段多端口

Port 52213
内网 外网

ssh -p 52113 10.0.0.61
scp -P 52113 10.0.0.61
sftp -P 52113 10.0.0.61

ssh -p 22 10.0.0.61
scp -P 22 10.0.0.61
sftp -P 22 10.0.0.61

[root@m01 ~]# grep -in ^listenaddress /etc/ssh/sshd_config
20:ListenAddress 10.0.0.61:52113
21:ListenAddress 172.16.1.61:22
[root@m01 ~]# systemctl reload sshd 
[root@m01 ~]# ss -lntup |grep sshd 
tcp    LISTEN     0      128    10.0.0.61:52113                 *:*                   users:(("sshd",pid=7129,fd=4))
tcp    LISTEN     0      128    172.16.1.61:22                    *:*                   users:(("sshd",pid=7129,fd=3))

[root@m01 ~]# ssh -p52113 10.0.0.61 hostname 
root@10.0.0.61's password: 
m01
[root@m01 ~]# ssh -p22 172.16.1.61 hostname 
root@172.16.1.61's password: 
m01

yum install -y   sshpass pssh 

创建秘钥认证：

创建秘钥对

[root@m01 ~]# ssh-keygen -t dsa 
Generating public/private dsa key pair.
Enter file in which to save the key (/root/.ssh/id_dsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_dsa.
Your public key has been saved in /root/.ssh/id_dsa.pub.
The key fingerprint is:
SHA256:VW1UamyTZ0YDIHQxi00U7DrtJAX/BN0k5cbuhNRRA58 root@m01
The key's randomart image is:
+---[DSA 1024]----+
|        .ooO**BB=|
|         .*+ooO==|
|         .=o.oBE+|
|         . +.++= |
|        S + o. o |
|         + o .o  |
|          =    . |
|           .     |
|                 |
+----[SHA256]-----+

检查 秘钥

[root@m01 ~]# ll ~/.ssh/
total 12
-rw------- 1 root root 668 May 27 12:13 id_dsa
-rw-r--r-- 1 root root 598 May 27 12:13 id_dsa.pub
-rw-r--r-- 1 root root 695 May 27 11:22 known_hosts

发送公钥

[root@m01 ~]# ssh-copy-id -i ~/.ssh/id_dsa.pub  172.16.1.41 
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_dsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@172.16.1.41's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh '172.16.1.41'"
and check to make sure that only the key(s) you wanted were added.

进行测试

[root@m01 ~]# ssh 172.16.1.41 hostname 
backup

批量并行执行命令

[root@m01 ~]# cat hosts.txt 
root@172.16.1.41:22
root@172.16.1.7:22
[root@m01 ~]# pssh -Ph hosts.txt hostname 
172.16.1.41: backup
[1] 12:42:51 [SUCCESS] root@172.16.1.41:22
172.16.1.7: web01
[2] 12:42:51 [SUCCESS] root@172.16.1.7:22

[root@m01 ~]# prsync -A -azh  hosts.txt   /etc/hostname  /tmp/
Warning: do not enter your password if anyone else has superuser
privileges or access to your account.
Password: 
[1] 12:52:11 [SUCCESS] root@172.16.1.41:22
[2] 12:52:11 [SUCCESS] root@172.16.1.7:22
[root@m01 ~]# 
[root@m01 ~]# 
[root@m01 ~]# pssh -A  -Ph hosts.txt cat /tmp/hostname 
Warning: do not enter your password if anyone else has superuser
privileges or access to your account.
Password: 
172.16.1.41: m01
[1] 12:52:32 [SUCCESS] root@172.16.1.41:22
172.16.1.7: m01
[2] 12:52:32 [SUCCESS] root@172.16.1.7:22