双 11 期间入手了一台云服务器, 备案花了一两个星期, 这两天终于备案通过了. 于是在个人服务器上装了 Docker 容器用于部署项目, 准备尽量把所有的服务都打包成容器, 方便统一管理运维.
于是利用 docker 搭建了 nginx 作为反向代理服务器, 负责请求分发, 用 nginx 部署静态博客, 用 MySQL 暴露给个人项目使用...
但是千里之行始于足下, 一切还要从登录登出远程服务器开始, 本文基于 Centos7.6 环境, 不保证其他环境正常.
环境准备
服务器要求
如果你已经有云服务器或者虚拟机服务器, 首先需要验证服务器上是否已经安装 SSH 服务, 如果没有安装则需要提前安装.
登录服务器后, 在命令行窗口中输入 rpm -qa | grep SSH 查看是否包括 SSH 相关文件.
- [root@snowdreams1006 ~]# rpm -qa | grep SSH
- openssh-clients-7.4p1-16.el7.x86_64
- libssh2-1.4.3-12.el7_6.2.x86_64
- openssh-server-7.4p1-16.el7.x86_64
- openssh-7.4p1-16.el7.x86_64
默认情况下运行 netstat -antp | grep sshd 命令, 可以看到 sshd 服务监听的端口正是默认的 22 端口.
- [root@snowdreams1006 ~]# netstat -antp | grep sshd
- tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1051/sshd
- tcp 0 0 *.*.*.*:22 *.*.*.*:46797 ESTABLISHED 17334/sshd: root@pt
其实一般云服务器均已预装好 SSH 服务, 如果没有上述输出, 则说明可能并没有安装 SSH 服务, 可以使用 yum install openssh-server 进行安装.
下面总结一些关于 sshd 的常用命令, 如下
查看 sshd 运行状态
systemctl status sshd
如果运行结果包括 Active: active (running) 则证明 sshd 服务处于激活状态, 如果是 Active: inactive (dead) 则表示服务已关闭.
[root@snowdreams1006 ~]# systemctl status sshd
● sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
Active: active (running) since 五 2019-11-29 21:05:08 CST; 16h ago
- Docs: man:sshd(8)
- man:sshd_config(5)
- Main PID: 1051 (sshd)
- Tasks: 1
- Memory: 10.9M
- CGroup: /system.slice/sshd.service
└─1051 /usr/sbin/sshd -D
启动 | 关闭 | 重启 sshd 服务
systemctl start sshd
针对处于已经关闭 sshd 状态时, 可以再次启动, 如果已经启动, 则不会输出结果, 但还是启动中.
systemctl stop sshd
针对处于正在运行 sshd 状态时, 可以停止服务, 如果已经停止, 则不会输出结果, 但还是停止中.
systemctl restart sshd
针对处于正在运行 sshd 状态或者已经停止状态时, 可以重启服务, 虽然都不会输出结果, 但已经启动.
开机自启 | 禁止自启 sshd 服务
systemctl list-unit-files | grep enabled
查看全部开机自启服务, 如果包括 sshd 则表示 sshd 已加入开机自启服务, 如果没有则不会开机自启.
systemctl list-unit-files | grep enabled | grep sshd
如果全部开机自启服务比较多的话, 肉眼不太直接看出 sshd 是否自启, 在上一条命令的基础上多加一个 grep sshd 即可过滤是否包含 sshd 服务.
systemctl enable sshd
开机自启服务, 如果某些服务非常重要需要一直后台运行的话, 最好加入开机自启, 这样能防止意外关机重启服务器后忘记开启服务, 比如 sshd 服务和 docker 服务等等.
systemctl disable sshd
针对已经开机自启服务进行禁用, 运行 systemctl list-unit-files | grep enabled | grep sshd 可以查看当前服务是否会开机自启.
如果你现在还没有服务器但又想学习体验一下, 要么立即花钱去买服务器要么免费安装虚拟机, 或者先收藏起来以后再看!
针对立即购买服务器的小伙伴, 请私信联系我, 用我的推广链接购买, 你有优惠, 我有分成, 何乐而不为呢?
我要购买云服务器, 最好还是留言或者私信告诉我!
针对免费安装虚拟机体验的用户, 可以根据自己的操作系统, 参考以下推文进行安装, 有问题也可以联系我!
我想安装虚拟机, 最好还是留言或者私信告诉我!
- snowdreams1006$ SSH
- usage: SSH [-46AaCfGgKkMNnqsTtVvXxYy] [-B bind_interface]
- [-b bind_address] [-c cipher_spec] [-D [bind_address:]port]
- [-E log_file] [-e escape_char] [-F configfile] [-I pkcs11]
- [-i identity_file] [-J [user@]host[:port]] [-L address]
- [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]
- [-Q query_option] [-R address] [-S ctl_path] [-W host:port]
- [-w local_tun[:remote_tun]] destination [command]
- $ SSH root@snowdreams1006.cn
- @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
- @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
- @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
- IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
- Someone could be eavesdropping on you right now (man-in-the-middle attack)!
- It is also possible that a host key has just been changed.
- The fingerprint for the ECDSA key sent by the remote host is
- SHA256:/RJ5aI+c41Brr1dcBMhdNHQJa7daP+8fbupqsGmHRHc.
- Please contact your system administrator.
- Add correct host key in /c/Users/Administrator/.SSH/known_hosts to get rid of this message.
- Offending ECDSA key in /c/Users/Administrator/.SSH/known_hosts:5
- ECDSA host key for 121.40.223.69 has changed and you have requested strict checking.
- Host key verification failed.
- $ SSH root@snowdreams1006.cn
- The authenticity of host 'snowdreams1006.cn (*.*.*.*)' can't be established.
- ECDSA key fingerprint is SHA256:/**********************************.
- Are you sure you want to continue connecting (yes/no)? yes
- Warning: Permanently added 'snowdreams1006.cn,*.*.*.*' (ECDSA) to the list of known hosts.
- root@snowdreams1006.cn's password:
- Last login: *** from *.*.*.*
- Welcome to Alibaba Cloud Elastic Compute Service !
- [root@snowdreams1006 ~]#
- [root@snowdreams1006 ~]# whoami
- root
- [root@snowdreams1006 ~]# pwd
- /root
- root pts/0 2019-11-30 14:15 . 17506 (115.217.243.122)
- root pts/1 2019-11-30 14:28 00:05 17533 (115.217.243.122)
- [root@snowdreams1006 ~]# last -a | head -6
- root pts/1 Sat Nov 30 14:28 still logged in 115.217.243.122
- root pts/0 Sat Nov 30 14:15 still logged in 115.217.243.122
- root pts/0 Sat Nov 30 13:10 - 13:51 (00:41) 115.217.243.122
- root pts/0 Sat Nov 30 12:24 - 12:25 (00:00) 115.217.243.122
- root pts/1 Fri Nov 29 22:08 - 23:12 (01:03) 112.17.241.55
- root pts/0 Fri Nov 29 21:33 - 22:13 (00:39) 112.17.241.55
- [root@snowdreams1006 ~]# who am i
- root pts/0 *** (*.*.*.*)
- [root@snowdreams1006 ~]# w
- 14:53:04 up 17:48, 3 users, load average: 0.00, 0.01, 0.05
- USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
- root pts/0 115.217.243.122 14:15 0.00s 0.81s 0.00s w
- root pts/1 115.217.243.122 14:51 1:37 0.00s 0.00s -bash
- [root@snowdreams1006 ~]# w
- 14:58:46 up 17:53, 2 users, load average: 0.00, 0.01, 0.05
- USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
- $ cat ~/.SSH/id_rsa.pub
- SSH-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC0gC0u4gR4oba4oHS59Tcc4eAVkaJHsCmys0v4IupoSLQKkdUJVxSfkmL5JZEkr7JNySD7Y52ukRcxx1ZMW0oK7lq+FvfEwzIfAOqVoM4bCoh2D/iC6Xf43ilxCM6oMhpWyITGtxPVzW/ZmmxRGcQzeVrrvoSLhOt0+L0rvFuiQZmnhkV0zqGTRKTQ5uEKycigfdItEaHFIg9fMxugN/bgeflJoEBZjAJHXkqd0mq/4AqeAbkoruEz6D+OiqBhoN8CsbaPCaccMoKd8Tze5UszC3PsQWo96nQoXMXk7HYoFwvJCAgAfKP0CaTwGEK/D7SFvXm3UMlFwAHxELr2bbTv snowdreams1006@163.com
- [root@snowdreams1006 ~]# cat ~/.SSH/authorized_keys
- SSH-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC0gC0u4gR4oba4oHS59Tcc4eAVkaJHsCmys0v4IupoSLQKkdUJVxSfkmL5JZEkr7JNySD7Y52ukRcxx1ZMW0oK7lq+FvfEwzIfAOqVoM4bCoh2D/iC6Xf43ilxCM6oMhpWyITGtxPVzW/ZmmxRGcQzeVrrvoSLhOt0+L0rvFuiQZmnhkV0zqGTRKTQ5uEKycigfdItEaHFIg9fMxugN/bgeflJoEBZjAJHXkqd0mq/4AqeAbkoruEz6D+OiqBhoN8CsbaPCaccMoKd8Tze5UszC3PsQWo96nQoXMXk7HYoFwvJCAgAfKP0CaTwGEK/D7SFvXm3UMlFwAHxELr2bbTv snowdreams1006@163.com
- $ cat ~/.SSH/id_rsa.pub
- SSH-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1UGGBXbqINEfQNCweCOWDlqvRfw3iIqkX9UnI71GgyJkkPUZbycw3L4dVeBkpo76OJjJhJmsAGbHAuhYLloqoNjD9+c/hk7vgP0uZHqVXehqKuP5VvOOkqeLXZkjdXQ49MhARHBVm1LaD44iOOneYclSPiRjKs+6eCxU9SQp+dVUcZMrbAE1lktGgDQEkjtFl8BE9BQkCU24r8xcOUix4iZgdDIa5gnE9YLg1rNXO6LgQG61JLvErrc2g7KkkR4i2P1R+0uV3KdYyMv8Y2aYwYGqY1PjqXUVfaJjTor4Dr8HHBp4VHE3kNVZitLJ2S7RFYuYGFXTEX0xmi6o1r5xP Administrator@snowdreams1006
- $ SSH-copy-id root@snowdreams1006.cn
- /usr/bin/SSH-copy-id: INFO: Source of key(s) to be installed: "/c/Users/Administrator/.ssh/id_rsa.pub"
- /usr/bin/SSH-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
- /usr/bin/SSH-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
- root@snowdreams1006.cn's password:
- Number of key(s) added: 1
- Now try logging into the machine, with: "ssh'root@snowdreams1006.cn'"
- and check to make sure that only the key(s) you wanted were added.
- [root@snowdreams1006 ~]# cat ~/.SSH/authorized_keys
- SSH-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC0gC0u4gR4oba4oHS59Tcc4eAVkaJHsCmys0v4IupoSLQKkdUJVxSfkmL5JZEkr7JNySD7Y52ukRcxx1ZMW0oK7lq+FvfEwzIfAOqVoM4bCoh2D/iC6Xf43ilxCM6oMhpWyITGtxPVzW/ZmmxRGcQzeVrrvoSLhOt0+L0rvFuiQZmnhkV0zqGTRKTQ5uEKycigfdItEaHFIg9fMxugN/bgeflJoEBZjAJHXkqd0mq/4AqeAbkoruEz6D+OiqBhoN8CsbaPCaccMoKd8Tze5UszC3PsQWo96nQoXMXk7HYoFwvJCAgAfKP0CaTwGEK/D7SFvXm3UMlFwAHxELr2bbTv snowdreams1006@163.com
- SSH-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1UGGBXbqINEfQNCweCOWDlqvRfw3iIqkX9UnI71GgyJkkPUZbycw3L4dVeBkpo76OJjJhJmsAGbHAuhYLloqoNjD9+c/hk7vgP0uZHqVXehqKuP5VvOOkqeLXZkjdXQ49MhARHBVm1LaD44iOOneYclSPiRjKs+6eCxU9SQp+dVUcZMrbAE1lktGgDQEkjtFl8BE9BQkCU24r8xcOUix4iZgdDIa5gnE9YLg1rNXO6LgQG61JLvErrc2g7KkkR4i2P1R+0uV3KdYyMv8Y2aYwYGqY1PjqXUVfaJjTor4Dr8HHBp4VHE3kNVZitLJ2S7RFYuYGFXTEX0xmi6o1r5xP Administrator@snowdreams1006
- Host GitHub.com
- User snowdreams1006
- Hostname SSH.GitHub.com
- Host snowdreams1006.cn
- User root
- Hostname SSH.snowdreams1006.cn
- $ SSH snowdreams1006.cn
- Last login: **** from *.*.*.*
- Welcome to Alibaba Cloud Elastic Compute Service !
- [root@snowdreams1006 ~]#
- Host *
- PasswordAuthentication no
来源: https://www.cnblogs.com/snowdreams1006/p/11963310.html