Ubuntu Server 第七章 远程管理

释放双眼,带上耳机,听听看~!

前言

我笔记是直接从苑老师的第二章开始写的:-D,有朋友可能不了解链接终端的方式。目前我本地是Vmware 虚拟机 + Xshell SSH链接。关于SSH,不仅仅做用为链接,还可以做更多,前面的CS搭配Metasploit一章中也使用到了SSH隧道相关的知识。远程连接也不仅只有SSH一种远程连接方式。

生产坏境的服务器大多部署在专门的机房里,无论是租用还是自建。这种坏境下噪声、电磁、氧气、湿度、温度都不适合人长期活动。服务器放置在机房,也为了避免无关人员因意外等原因接触到业务服务器导致服务器宕机。

理想的情况下呢,维护人员在办公室通过远程连接到服务器进行管理和配置。主流的操作系统都支持远程管理技术(Windows 、Linux、Mac OS :-D)。由于我们使用的 Ubuntu Server ,没有配置图形化界面,不能像和windows下图形化远程管理,只能命令行远程管理。

Telnet

第一个介绍的是Telnet,这是一个古老的命令行远程管理工具,查了了WIKI百科,1969被开发出来。Telnet的一些特点:

  • 明文传输数据导致不安全

  • 服务端口使用默认TCP 123

由于Telnt的明文传输特性,推荐使用的工具是SSH,虽然很古老,在一些场景下我们仍然会用到它,例如笔者在接触路由器与交换机时就经常使用Telnet。使用Telnet可以进行简单的端口探测,例如: telnet smtp.163.com25,如链接成功则代表相关服务开启。

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo apt install telnetd </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#安装telnet服务,安装完成之后自动运行</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">systemctl status inetd</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">service </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#查看服务已经为"active (running)"状态</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo netstat </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">pantu </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">|</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">grep </span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">23</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#检查端口发现端口也被开启侦听</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">vim </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">issue</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">net </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#可修改Telnet服务的Banner的信息</span></code></span></span></p></li>
   </ol>

客户端使用 telnet IP(服务器IP,输入账号名和密码,就可远程连接到服务器。

SSH

前面说推荐使用SSH,我们这里说的SSH,指的是OpenSSH。OpenSSH是SSH(SecureShell)协议的免费开源实现,OoenSSH是一个工具套件,不仅有SSH,还有sftp、scp等(和ftp,rcp相似,不过更加安全),目前是OpenBSD的子计划。Ubuntu默认情况下都安装了Openssh-server,Openssh-client。如果没有可使用 apt install命令安装,默认使用端口22(可修改)。

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo apt install openssh</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">server </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#安装</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">systemctl status sshd</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">service </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#查看服务状态</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">vim </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ssh</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sshd_config </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#服务器端配置文件</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">vim </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ssh</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ssh_config </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"># 客户端配置文件默认配置文件</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">vim </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">~/.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ssh</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">config </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#用户配置文件</span></code></span></span></p></li>
   </ol>
   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ssh IP </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#打开另一个机器终端,使用SSH连接发现不用输入用户名,SSH默认情况下使用本机用户名</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ssh </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">l user IP</span></code></span></span></p></li>
   </ol>

SSH协议有两个主要的大版本:SSH1和SSH2。所有的现代Linu发行版中,OpenSSH服务器默认禁用了SSH1。

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">vim </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ssh</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sshd_config </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#打开服务器端配置文件,下面解释一些关键的参数</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#Banner none #默认注释,可修改"/etc/issue.net",和Telnet一样,重启生效</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#Port 22 #默认22,修改为非知名端口提高安全性</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#PubkeyAuthentication yes #默认注释不启用密钥登录,具体配置参考文末的参考链接。大致原理为生成一对公私钥,服务端使用公钥加密数据,客户端使用私钥解密返回数据验证身份。</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#ListenAddress 0.0.0.0 #默认监听所有网卡的地址,可根据需要修改为指定网卡的地址</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#PermitRootLogin prohibit-password #出于安全考虑,默认禁用Root账户登录</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#PasswordAuthentication yes #可禁止使用口令认证,强制使用密钥认证</span></code></span></span></p></li>
   </ol>

SSH工具

SCP是Liunx系统下基于SSH登录进行安全的远程文件传输命令。

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">scp local_file remote_username@remote_ip</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">:</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">remote_folder </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#从本地复制到远程</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">scp a</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">txt IP</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">:</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#默认使用的是本地账号,默认目录为主目录</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">scp </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">rv local_folder remote_ip</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">:</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">remote_folder </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#递归复制整个目录并以详细的方式显示输出</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">scp remote_username@remote_ip</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">:</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">remote_folder local_file </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#参数调换,变成了从远程下载到本地</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">scp root@1</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">1.1</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">1</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">:/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">tmp</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">file</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">txt </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#拷贝文件到本地</span></code></span></span></p></li>
   </ol>

scp就介绍到这里,接下来我们介绍另一个文件传输的工具—sftp,SFTP是SSH、FTP的结合,SFTP在FTP的基础上对数据进行加密。

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sftp remote_username@remote_ip </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#基于SSH,所以链接参数与SSH相同。</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sftp</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">></span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#输入密码成功验证会得到一个sftp的shell</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sftp</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">></span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> get file </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#get文件即可下载文件到本地</span></code></span></span></p></li>
   </ol>

加密与解密

下面这个工具是有关加解密的,加解密的核心是算法。算法分为两类,对称和非对称。对称加密算法很好理解,加解密的两端使用同一个密钥。与对称不同,非对称加密算法需要两个密钥:公开密钥(publickey)和私有密钥(privatekey)。

公开密钥与私有密钥是一对,如果用公开密钥对数据进行加密,只有用对应的私有密钥才能解密;如果用私有密钥对数据进行加密,那么只有用对应的公开密钥才能解密。因为加密和解密使用的是两个不同的密钥,所以这种算法叫作非对称加密算法。

非对称加密算法实现机密信息交换的基本过程是:甲方生成一对密钥并将其中的一把作为公用密钥向其它方公开;得到该公用密钥的乙方使用该密钥对机密信息进行加密后再发送给甲方;甲方再用自己保存的另一把专用密钥对加密后的信息进行解密。甲方只能用其专用密钥解密由其公用密钥加密后的任何信息。

知乎的这个答主的解释我也觉得非常到位

给你一把打开的锁,用它锁住重要的东西寄回给我。钥匙我自己留着谁也不给。

锁=公钥;钥匙=私钥 ——Irvine

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ssh</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">keygen </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">t rsa </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">b </span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">4069</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#ssh-keygen是OpenSSH里的密钥生成工具,这里指定使用了RSA算法与生成4069长度的密钥对,生成过程中可设置私钥口令,生成两个文件id_rsa(私钥)、id_rsa.pub(公钥)。</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ssh</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">keygen </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">p </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">f </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">~/.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ssh</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">id_rsa </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#输入旧的口令,可修改私钥的口令,注意权限问题</span></code></span></span></p></li>
   </ol>

拷贝公钥到服务端

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ssh</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">copy</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">id remote_username@remote_ip </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#复制公钥文件到SSH服务端</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ssh</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">copy</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">id </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">i </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">~/.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ssh</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">id_rsa</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">pub remote_username@remote_ip </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#指定文件拷贝,同上,服务端在.ssh下会新建公钥文件"authorized_keys"</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">chmod </span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">400</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">~/.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ssh</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">id_rsa </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#推荐SSH客户端公钥权限设置为所有者仅读</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">chmod </span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">600</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">~/.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ssh</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">authorized_keys </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#推荐SSH服务端推荐设置为所有者仅读写</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ssh remote_username@remote_ip </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#和普通SSH链接一样,不过下面要求输入私钥的密码,没有设置私钥密码将直接链接成功</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="typ" style="box-sizing: border-box;color: rgb(102, 153, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">Enter</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> passphrase </span><span class="kwd" style="box-sizing: border-box;color: rgb(204, 153, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">for</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> key </span><span class="str" style="box-sizing: border-box;color: rgb(153, 204, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">'/home/xiaowu/.ssh/id_rsa'</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">:</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#输入密码验证成功即可链接</span></code></span></span></p></li>
   </ol>

还有一些比较少见但是非常有用的命令

通过SSH ssh root@10.10.10.131ping wuhash.com,这条命令将bash命令通过SSH输入给服务端sehll执行后,输出结果返回到本地的终端。后面的命令部分可灵活调整。

经常在企业下有这样的场景,企业的带宽非常昂贵,又需要大量的上传带宽。这个时候我们对上传的速度加以限制,从而不影响其它业务的运行。

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">tar </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">cj local_folder </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">|</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> remote_username@remote_ip </span><span class="str" style="box-sizing: border-box;color: rgb(153, 204, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">'tar -xj'</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#利用管道将目录同时压缩后传输,传输后解压</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo apt install cstream pv </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#安装两个工具实现对速度的限制和实时更新</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">tar </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">cj local_folder </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">|</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> pv </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">|</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> cstream </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">t </span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">200k</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">|</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> remote_username@remote_ip </span><span class="str" style="box-sizing: border-box;color: rgb(153, 204, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">'tar -xj'</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#同上</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">du </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">hs dirname </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#之前没有介绍,查看目录的命令</span></code></span></span></p></li>
   </ol>

这里需要两台虚拟机,笔者使用的是Kali Linux和Ubuntu Server 。

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#kali 上执行</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ssh </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">C </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">f </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">N </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">g </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">L listen_port</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">:</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">DST_Host</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">:</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">DST_port user@Tunnel_Host </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#命令格式,详细说明参考文末链接</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ssh </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">fN </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">L </span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">2000</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">:</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">localhost</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">:</span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">23</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> xiaowu@10</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">10.10</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">130</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#10.10.10.130是Ubuntu Server,已经启动telnet服务</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">netstat </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">pantu </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">|</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">grep </span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">2000</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#查看端口是否开启</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">telnet </span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">127.0</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">0.1</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">2000</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#输入用户名和密码,发现自己登陆上了Ubntu Server</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">kill </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">9</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> PID </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#结束进程</span></code></span></span></p></li>
   </ol>

利用了SSH隧道将远端的23端口映射到了本机2000端口,连接本地的200端口就相当与连接了远端的23端口

ssh-fN-L listen_port:B_Host:B_Host user@C_Host,我们借SSH隧道,实现了访问本地的端口,得到B主机的B端口的回复,而在B主机看来是C主机在访问它。关于SSH隧道在安全中还有更多的应用,这里不在过多讲述。

这里随便提一下,可以使用 curl wget telnet ssh来粗略的探测端口开放。

前面介绍过本地文件挂载,SSH也可以做到,而且是远程挂载。

sshfs user@hostname:path mout_point:这里user为远程主机用户名,hostname为远程主机IP地址,path为远程主机中想要挂载到本地的目录,mount_point为挂载到本地的目录。

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">umount mout_point </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#root用户取消挂载,一般需要加'sudo'</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">vim </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">fstab </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#写入fstab文件,可实现自动挂载</span></code></span></span></p></li>
   </ol>

SSH安全

上面的技巧已经足以应对基本的SSH会话,几个SSH会话勉强能够记忆,但是如果10个或者20个SSH会话呢?SSH提供了一种优雅且灵活的方式来解决这个问题,利用SSH的用户配置文件config(~/.ssh/config,不存在则新建)管理ssh会话。格式如下(可通过 man ssh_config查看语法)

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="typ" style="box-sizing: border-box;color: rgb(102, 153, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">Host</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">别名</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="typ" style="box-sizing: border-box;color: rgb(102, 153, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">HostName</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">主机名</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="typ" style="box-sizing: border-box;color: rgb(102, 153, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">Port</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">端口</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="typ" style="box-sizing: border-box;color: rgb(102, 153, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">User</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">用户名</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="typ" style="box-sizing: border-box;color: rgb(102, 153, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">IdentityFile</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">密钥文件的路径</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="typ" style="box-sizing: border-box;color: rgb(102, 153, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">IdentitiesOnly</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">只接受</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">SSH key </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">登录</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="typ" style="box-sizing: border-box;color: rgb(102, 153, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">PreferredAuthentications</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">强制使用</span><span class="typ" style="box-sizing: border-box;color: rgb(102, 153, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">Public</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="typ" style="box-sizing: border-box;color: rgb(102, 153, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">Key</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">验证</span></code></span></span></p></li>
   </ol>

使用 ssh别名即可链接

SSH防爆破

不知道你有没有看过这样的笔记本,一个带有数字转盘的笔记本,只有拨动齿轮到正确的数字才能打开笔记本,你是否尝试过有限的数字尝试破解出密码呢。密码破解也是同样,只要不断的尝试所有的密码空间,密码终究会被破解。假设我得到了SSH的用户名,视密码的复杂度不断尝试就可以破解得到权限。为此,我们需要一些配置来保证安全性。fail2ban是推荐的一个方式,fail2ban不仅仅只适用于SSH,它还适用于其他服务。fail2ban的原理很简单,读取SSH链接的日志,进行统计,调用系统的iptables进行TCP/IP 的链接拒绝。

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo vim </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">fail2ban</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">jail</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">conf </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#配置文件,fail2ban更新会将此文件覆盖</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo cp </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">fail2ban</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">jail</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">conf </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">fail2ban</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">jail</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="kwd" style="box-sizing: border-box;color: rgb(204, 153, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">local</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#fail2ban中jail.local的优先级大于jail.conf</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo vim </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">fail2ban</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">jail</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="kwd" style="box-sizing: border-box;color: rgb(204, 153, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">local</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#配置文件修改</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ignoreip </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">127.0</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">0.1</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">8</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">::</span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">1</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#定义信任IP,不会受fail2ban策略影响</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">bantime </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">10m</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#超过尝试次数之后的禁止尝试时间,可设为"-1"永久禁止</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">findtime </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">1</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#检查日志的间隔时间</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">marretry </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">5</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#允许的尝试次数</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#上面的参数可写在JAILS里,定义单个服务</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">ACTIONS </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#此后的参数定义触发规则之后的一些行为</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">destemail </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> root@localhost </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#触发尝试最大尝试次数之后发邮件通知</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">banaction </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> iptables</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">multiport </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#调用iptables禁用</span></code></span></span></p></li>
    <li><p><br></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">JAILS </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#定义单个服务的配置行为,JAILS的配置优先于全局</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">SSH </span><span class="typ" style="box-sizing: border-box;color: rgb(102, 153, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">Servers</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#配置较多,这里不贴出。下文是具体的SSH防护措施</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">enabled </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> true </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#开启状态</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">filter </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> sshd </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#定义日志中的关键词</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo systemctl restart fail2ban</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">service </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#最后,修改配置完成,重启服务生效</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo fail2ban</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">client status </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#查看jail数量、状态</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo fail2ban</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">client status sshd </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#可查看更详细的信息</span></code></span></span></p></li>
    <li><p><br></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo iptables </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">S </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#查看防火墙规则</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo iptables </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">L </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">n </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#查看防火墙规则</span></code></span></span></p></li>
    <li><p><br></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo </span></code></span></span></p></li>
    <li><p><br></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">tail </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">f </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">var</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">log</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">auth</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">log </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#查看登录认证日志</span></code></span></span></p></li>
    <li><p><br></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo fail2ban</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">client </span><span class="kwd" style="box-sizing: border-box;color: rgb(204, 153, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">set</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> sshd unbanip </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">{</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">IP</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">}</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#手动解禁IP,背后原理也是删除iptables中的规则</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo iptables </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">D f2b</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sshd </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">s </span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">10.10</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">10.1</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">j REJECT </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#命令作用是删除iptables中的规则</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#某些情况下,解禁了IP之后,进行服务重启,重启时读取'var/log/auth.log',在被禁时间(bantime)的IP会再次被禁</span></code></span></span></p></li>
   </ol>

VNC

在Linux早期,字符界面带来的学习成本劝退了很多人,图形化的呼声也是越来越高。图形界面带来的易用性与人性化非常便利。Linux除了字符界面的远程管理工具,还有图形化界面的远程管理工具。比如适用范围最广(曾经接触过的思科ASA ,已知的树莓派,Win10 也可以配置VNC Server) VNC(Virtual Network Computing)。图形化远程管理的前提是服务端具有图形化环境,Ubuntu Server 默认未安装图形化环境。

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo apt install gnome</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">core xfce4 xfce4</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">goodies </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#安装图形化环境,重启之后便出现了图形化环境</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo apt install tightvncserver </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#安装VNC服务端</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">vncserver </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#被要求输入密码,这个密码是你的连接密码,还可以选择设置只能查看的密码,同时生成xstartup文件</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">netstat </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">pantu </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">|</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> grep </span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">590</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#输入完成之后发现5901为起点的端口</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">vncserver kill </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">:</span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">1</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#端口后的数字和实例数字相同</span></code></span></span></p></li>
    <li><p><br></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">mv </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">~/.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">vnc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">xstartup </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">~/.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">vnc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">xstartup</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">bak</span></code></span></span></p></li>
    <li><p><br></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">vim </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">~/.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">vnc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">xstartup </span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#!/bin/bash</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">xrdp $HOME</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/.</span><span class="typ" style="box-sizing: border-box;color: rgb(102, 153, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">Sresources</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">startxfce4 </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">&</span></code></span></span></p></li>
    <li><p><br></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">chmod </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">+</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">x </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">~/.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">vnc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">xstartup</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">vncserver </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#执行可看到返回实例</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">netstat </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">pantu </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">|</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> grep </span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">590</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#检查端口</span></code></span></span></p></li>
    <li><p><br></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#笔者使用VNC Viewer 测试成功,使用VNC客户端,输入IP地址+端口,输入密码认证,即可连接成功。</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#如果想多个用户的话,推荐新建多个用户,使用"su user"切换到新建的用户主目录下编辑配置文件,启动实例</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#虽然VNC本身有加密机制,不推荐长期开启,可以通过前面的SSH隧道来提升安全性</span></code></span></span></p></li>
   </ol>

PUPPET

Puppet是一个IP基础设施自动化管理工具,它能够帮助系统管理员管理基础设施的整个生命周期:供应(provisioning)、配置(configuration)、联动(orchestration)及报告(reporting)。 基于puppet ,可实现自动化重复任务、快速部署关键性应用以及在本地或云端完成主动管理变更和快速扩展架构规模等。 遵循GPL 协议(2.7.0-), 基于 ruby语言开发。——珂儿吖

架设你有100台服务器需要部署同样的服务,到这里还没有介绍脚本,即使你有脚本,不可能手动的依次运行下去。这里PUPPET不进行深入,了解即可。准备两台Ubuntu server 虚拟机(VM的链接克隆很好用)。

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo hostnamectl </span><span class="kwd" style="box-sizing: border-box;color: rgb(204, 153, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">set</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">hostname puppet </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#重启生效</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo hostnamectl </span><span class="kwd" style="box-sizing: border-box;color: rgb(204, 153, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">set</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">hostname client</span></code></span></span></p></li>
    <li><p><br></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo apt install puppetmaster</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo apt install puppet</span></code></span></span></p></li>
    <li><p><br></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo vim </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">hosts </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#在客户端、服务端手动指向IP,下一章介绍DNS记录</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">10.10</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">10.131</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> puppet</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">lab</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">com puppet</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">10.10</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="lit" style="box-sizing: border-box;color: rgb(249, 145, 87);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">10.130</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> client</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">lab</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">com client</span></code></span></span></p></li>
    <li><p><br></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo mkdir </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">-</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">p </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">modules</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">apache2</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">manifests</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#服务端</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo vim </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">apache2</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">manifests</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">init</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">pp</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">class apache2 </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">{</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> package </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">{</span><span class="str" style="box-sizing: border-box;color: rgb(153, 204, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">'apache2'</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">:</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> ensure </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=></span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> installed</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">,</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">}</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> service </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">{</span><span class="str" style="box-sizing: border-box;color: rgb(153, 204, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">'apache2'</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">:</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> ensure </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=></span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> true</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">,</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> enable </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=></span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> true</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">,</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> require </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=></span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="typ" style="box-sizing: border-box;color: rgb(102, 153, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">Package</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">[</span><span class="str" style="box-sizing: border-box;color: rgb(153, 204, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">'apache2'</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">],</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">}</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">}</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo vim </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">puppet</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">manifests</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">site</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">pp </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#服务端</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> node </span><span class="str" style="box-sizing: border-box;color: rgb(153, 204, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">'clent.lab.com'</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">{</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> include apache2</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">}</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo vim </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">etc</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">default</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">puppet </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#客户端</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;"> START</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">=</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">yes</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">systemctl start puppet</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">service </span></code></span></span></p></li>
   </ol>

PUPPT的客户端与服务端是使用证书来加密通信的。

   <ol class="linenums list-paddingleft-2" style="list-style-type: none;">
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo puppet agent</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">--</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">fingerprint </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#客户端证书签名请求测试</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo puppet agent</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">--</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">test </span></code></span></span></p></li>
    <li><p><br></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo puppet cert list </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#服务端请求查看签名</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo puppet cert sign clent</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">lab</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">com</span></code></span></span></p></li>
    <li><p><br></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">sudo systemctrl statys puppet</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">.</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">service </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#查看服务状态</span></code></span></span></p></li>
    <li><p><span style="box-sizing: border-box;color: rgb(74, 74, 74);display: block;line-height: 22px;font-size: 14px !important;word-break: inherit !important;"><span style="box-sizing: border-box;line-height: 22px;display: block;word-break: inherit !important;"><code class="bash language-bash" style="box-sizing: border-box;margin-left: -20px;display: flex;overflow: initial;line-height: 12px;overflow-wrap: normal;border-width: 0px;border-style: initial;border-color: initial;font-size: 10px;font-family: inherit !important;white-space: pre !important;"><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">cat </span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">var</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">log</span><span class="pun" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">/</span><span class="pln" style="box-sizing: border-box;color: rgb(204, 204, 204);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">syslog </span><span class="com" style="box-sizing: border-box;color: rgb(153, 153, 153);line-height: 20px;font-size: 13px !important;white-space: inherit !important;">#查看日志状态信息</span></code></span></span></p></li>
   </ol>

关于PUTTEN的更多,由于苑老师时间精力原因不在过多的介绍,PUTTEN还有很多高级的用法,足以当成一门课了学习。可以想象,自动化运维工具必然是未来发展的趋势。

余总的车上不上

参考链接

Linux scp命令

Xshell配置ssh免密码登录-密钥公钥(Public key)

Linux有问必答:如何在Linux上检查SSH的版本

sshd_config配置详解

图解SSH原理

对称加密和非对称加密介绍和区别

如何用通俗易懂的话来解释非对称加密?

SSH隧道与端口转发及内网穿透

ssh隧道的妙用

利用 ssh 的用户配置文件 config 管理 ssh 会话

自动化运维工具——puppet详解(一)

本文源自微信公众号:渗透云笔记

人已赞赏
安全工具

浅谈新版CTFd的安装以及后期运维

2019-10-16 17:21:08

安全工具

魔法方法(第十五章)

2019-10-16 17:21:23

0 条回复 A文章作者 M管理员
    暂无讨论,说说你的看法吧
个人中心
购物车
优惠劵
今日签到
有新私信 私信列表
搜索