SSH的简单管理

原创 于 2025-06-18 20:04:55 发布 · 2k 阅读 · 40 ·
CC 4.0 BY-SA版权
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
文章标签:

#github #网络

SSH带外管理

一、概述

ssh服务,一种远程管理连接工具,在CentOS7系统中默认安装并开机自启的。

SSH(Secure Shell)是一种安全通道协议,主要用来实现字符界面的远程登录,远程复制等功能。

监听tcp的22号端口。软件包名称:openssh

[root@localhost ~]# rpm -qi openssh
Name        : openssh
Version     : 7.4p1     #因安全问题请屏蔽版本号
Release     : 23.el7_9
Architecture: x86_64
Install Date: 2025年04月18日 星期五 16时27分58秒
Group       : Applications/Internet
Size        : 1991164
License     : BSD
Signature   : RSA/SHA256, 2023年08月08日 星期二 22时22分51秒, Key ID 24c6a8a7f4a80eb5
Source RPM  : openssh-7.4p1-23.el7_9.src.rpm
Build Date  : 2023年08月05日 星期六 00时00分53秒
Build Host  : x86-01.bsys.centos.org
Relocations : (not relocatable)
Packager    : CentOS BuildSystem <http://bugs.centos.org>
Vendor      : CentOS
URL         : http://www.openssh.com/portable.html
Summary     : An open source implementation of SSH protocol versions 1 and 2
Description :
SSH (Secure SHell) is a program for logging into and executing
commands on a remote machine. SSH is intended to replace rlogin and
rsh, and to provide secure encrypted communications between two
untrusted hosts over an insecure network. X11 connections and
arbitrary TCP/IP ports can also be forwarded over the secure channel.

OpenSSH is OpenBSD's version of the last free version of SSH, bringing
it up to date in terms of security and features.

This package includes the core files necessary for both the OpenSSH
client and server. To make this package useful, you should also
install openssh-clients, openssh-server, or both.
[root@localhost ~]# systemctl status sshd
● sshd.service - OpenSSH server daemon
   Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
   Active: active (running) since 三 2025-06-18 17:44:13 CST; 53min ago
     Docs: man:sshd(8)
           man:sshd_config(5)
 Main PID: 1076 (sshd)
   CGroup: /system.slice/sshd.service
           └─1076 /usr/sbin/sshd -D

6月 18 17:45:52 localhost sshd[1350]: Failed password for invalid user ROOT from 192.168.198.1 port 49701 ssh2
6月 18 17:45:52 localhost sshd[1350]: pam_unix(sshd:auth): check pass; user unknown
6月 18 17:45:54 localhost sshd[1350]: Failed password for invalid user ROOT from 192.168.198.1 port 49701 ssh2
6月 18 17:45:54 localhost sshd[1350]: pam_unix(sshd:auth): check pass; user unknown
6月 18 17:45:56 localhost sshd[1350]: Failed password for invalid user ROOT from 192.168.198.1 port 49701 ssh2
6月 18 17:45:56 localhost sshd[1350]: error: maximum authentication attempts exceeded for invalid user ROOT fro...eauth]
6月 18 17:45:56 localhost sshd[1350]: Disconnecting: Too many authentication failures [preauth]
6月 18 17:45:56 localhost sshd[1350]: PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= ....198.1
6月 18 17:46:05 localhost sshd[1352]: Address 192.168.198.1 maps to localhost, but this does not map back to th...TEMPT!
6月 18 17:46:12 localhost sshd[1352]: Accepted password for root from 192.168.198.1 port 49732 ssh2
Hint: Some lines were ellipsized, use -l to show in full.

配置文件目录:/etc/ssh,sshd_config 服务端配置文件;ssh_config 客户端配置文件。

客户端提供:ssh、scp、sftp命令

服务端提供:sftp服务、ssh服务

二、 配置文件

服务端配置文件: sshd_config


[root@localhost ~]# cat /etc/ssh/sshd_config
#       $OpenBSD: sshd_config,v 1.100 2016/08/15 12:32:04 naddy Exp $

# This is the sshd server system-wide configuration file.  See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/local/bin:/usr/bin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented.  Uncommented options override the
# default value.

# If you want to change the port on a SELinux system, you have to tell
# SELinux about this change.
# semanage port -a -t ssh_port_t -p tcp #PORTNUMBER
#
#Port 22                   #默认端口号
#AddressFamily any         #支持的IP地址类型
#ListenAddress 0.0.0.0     #监听IPV4地址默认为所有
#ListenAddress ::          #监听IPV6地址

HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key

# Ciphers and keying
#RekeyLimit default none

# Logging
#SyslogFacility AUTH
SyslogFacility AUTHPRIV    #日志管理
#LogLevel INFO             #日志级别

# Authentication:

#LoginGraceTime 2m
#PermitRootLogin yes       #是否允许root用户登录
#StrictModes yes           #严谨模式
#MaxAuthTries 6            #最多重试次数
#MaxSessions 10            #最多10次连接

#PubkeyAuthentication yes  #公钥认证登录

# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
# but this is overridden so installations will only check .ssh/authorized_keys
AuthorizedKeysFile      .ssh/authorized_keys    #存储公钥信息的文件

#AuthorizedPrincipalsFile none

#AuthorizedKeysCommand none
#AuthorizedKeysCommandUser nobody

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no     #禁止空密码登录 
PasswordAuthentication yes   #开启用户密码认证 

# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes
ChallengeResponseAuthentication no    #

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
#KerberosUseKuserok yes

# GSSAPI options
GSSAPIAuthentication yes
GSSAPICleanupCredentials no
#GSSAPIStrictAcceptorCheck yes
#GSSAPIKeyExchange no
#GSSAPIEnablek5users no

# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication.  Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
# WARNING: 'UsePAM no' is not supported in Red Hat Enterprise Linux and may cause several
# problems.
UsePAM yes               #使用系统用户及密码认证方式(PAM)

#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
X11Forwarding yes        #图形界面转发
#X11DisplayOffset 10
#X11UseLocalhost yes
#PermitTTY yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#UsePrivilegeSeparation sandbox
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#ShowPatchLevel no
UseDNS no                 #DNS解析 关闭可提升ssh登录速度
#PidFile /var/run/sshd.pid
#MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none
#VersionAddendum none

# no default banner path
#Banner none

# Accept locale-related environment variables
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
AcceptEnv XMODIFIERS

# override default of no subsystems
Subsystem       sftp    /usr/libexec/openssh/sftp-server

# Example of overriding settings on a per-user basis
#Match User anoncvs
#       X11Forwarding no
#       AllowTcpForwarding no
#       PermitTTY no
#       ForceCommand cvs server

客户端配置文件: ssh_config,设置ssh命令连接的关键配置

Port 22 #设置ssh命令连接的默认端口

三、命令解析

#远程登录命令#
#语法:#
ssh [选项] [username@]ssh服务器的监听IP地址或者主机名(使用主机名时,保证客户端能够解析主机名)
#选项:#
-p port  指定连接服务器的监听端口
#远程拷贝命令#
#语法:#
#将本机的文件拷贝到远程主机#
scp  本机的文件路径  [username@]ssh服务器的监听IP地址或者主机名:/远程主机存储路径
#将远程主机的文件拷贝到本机#
scp    [username@]ssh服务器的监听IP地址或者主机名:/远程主机存储路径 本机的文件路径
#sftp服务登录命令#
sftp [选项] [username@]ssh服务器的监听IP地址或者主机名(使用主机名时,保证客户端能够解析主机名)

四、登录方式配置

1、用户名密码登录

默认方式,直接可以使用

2、公钥验证登录

密码学基础:

概念解析
对称加密双方采用相同的秘钥,安全性较低
非对称加密双方采用不同的秘钥,安全性较高
公钥大家都可以知道的秘钥。
私钥只有自己知道的秘钥。能够证明自己的身份信息

注意:公钥和私钥不能相互推导!!!

公钥与私钥之间能够相互解密!!!

数据加密

使用对端的公钥加密,接收端收到数据后,使用自己的私钥解密。作用是保证数据完整性。

数字签名

私用自己的私钥加密,接收端收到数据后,使用发送端的公钥解密。作用是保证发送者的身份唯一性。

ssh客户端生成密钥对

#生成密钥对的命令#
ssh-keygen ,默认是交互式
#常用选项:#
-t : 指定秘钥算法
-N : 指定秘钥短语
-f : 指定秘钥存储路径
[root@s1 .ssh]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
#非交互生成密钥对#
[zhx1@s1 ~]$ ssh-keygen -t rsa -N '' -f ~/.ssh/id_rsa
#默认保存到当前执行该命令的用户家目录中的.ssh目录#
[root@s1 .ssh]# ls
id_rsa  id_rsa.pub
#id_rsa: 私钥;id_rsa.pub: 公钥#
#拷贝公钥命令#
ssh-copy-id 
#ssh命令的特殊用法:远程执行ssh服务器的指令##
[root@s1 .ssh]# ssh 192.168.115.128 ip a
#注意:不能执行ssh-copy-id命令#

四、实操展示

客户端使用user1用户,并且以服务端的用户user2的身份登录,使用公钥对验证登录。

  

[root@localhost ~]# ssh root@192.168.129.129
root@192.168.129.129's password: 
Last login: Wed Jun 18 19:57:12 2025 from 192.168.129.1
[root@localhost ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:0c:e1:a7 brd ff:ff:ff:ff:ff:ff
    inet 192.168.129.129/24 brd 192.168.129.255 scope global noprefixroute dynamic ens33
       valid_lft 1607sec preferred_lft 1607sec
    inet6 fe80::657b:1e7b:896e:e502/64 scope link tentative noprefixroute dadfailed 
       valid_lft forever preferred_lft forever
    inet6 fe80::d50f:4667:f3c1:2864/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
[root@localhost ~]# 
[root@localhost ~]# tcpdump -i ens33
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ens33, link-type EN10MB (Ethernet), capture size 262144 bytes
19:57:26.213887 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 1938988449:1938988645, ack 2851759186, win 251, length 196
19:57:26.216283 IP localhost.localdomain.57154 > 192.168.129.1.domain: 45319+ PTR? 1.129.168.192.in-addr.arpa. (44)
19:57:26.255998 IP 192.168.129.1.64695 > localhost.localdomain.ssh: Flags [.], ack 196, win 250, length 0
19:57:27.995170 IP 192.168.129.1.64647 > 192.168.129.128.ssh: Flags [P.], seq 397572923:397572975, ack 4244354255, win 253, length 52
19:57:27.995335 IP 192.168.129.128.ssh > 192.168.129.1.64647: Flags [.], ack 52, win 251, length 0
19:57:27.995768 IP 192.168.129.128.ssh > 192.168.129.1.64647: Flags [P.], seq 1:53, ack 52, win 251, length 52
19:57:27.996219 IP 192.168.129.1.64647 > 192.168.129.128.ssh: Flags [P.], seq 52:136, ack 53, win 253, length 84
19:57:27.997812 IP 192.168.129.128.ssh > 192.168.129.1.64647: Flags [P.], seq 53:125, ack 136, win 251, length 72
19:57:28.038645 IP 192.168.129.1.64647 > 192.168.129.128.ssh: Flags [.], ack 125, win 253, length 0
19:57:28.213138 IP 192.168.129.1.64647 > 192.168.129.128.ssh: Flags [.], ack 5965, win 255, length 0
19:57:28.213703 IP 192.168.129.1.64647 > 192.168.129.128.ssh: Flags [.], ack 8885, win 255, length 0
19:57:28.213763 IP 192.168.129.128.ssh > 192.168.129.1.64647: Flags [P.], seq 125:12485, ack 136, win 251, length 12360
19:57:28.213773 IP 192.168.129.1.64647 > 192.168.129.128.ssh: Flags [.], ack 12485, win 255, length 0
19:57:28.213778 IP 192.168.129.128.ssh > 192.168.129.1.64647: Flags [P.], seq 12485:14937, ack 136, win 251, length 2452
19:57:28.213781 IP 192.168.129.1.64647 > 192.168.129.128.ssh: Flags [.], ack 14937, win 255, length 0
19:57:28.213783 IP 192.168.129.1.64647 > 192.168.129.128.ssh: Flags [P.], seq 136:172, ack 14937, win 255, length 36
19:57:28.254099 IP 192.168.129.128.ssh > 192.168.129.1.64647: Flags [.], ack 172, win 251, length 0
19:57:28.319050 IP 192.168.129.128.ssh > 192.168.129.1.64647: Flags [P.], seq 14937:19069, ack 172, win 251, length 4132
19:57:28.319101 IP 192.168.129.1.64647 > 192.168.129.128.ssh: Flags [.], ack 19069, win 255, length 0
19:57:28.319110 IP 192.168.129.128.ssh > 192.168.129.1.64647: Flags [P.], seq 19069:27297, ack 172, win 251, length 8228
19:57:28.319116 IP 192.168.129.1.64647 > 192.168.129.128.ssh: Flags [.], ack 27297, win 255, length 0
19:57:28.319120 IP 192.168.129.128.ssh > 192.168.129.1.64647: Flags [P.], seq 27297:29765, ack 172, win 251, length 2468
19:57:28.319567 IP 192.168.129.1.64647 > 192.168.129.128.ssh: Flags [.], ack 29765, win 255, length 0
19:57:28.319570 IP 192.168.129.128.ssh > 192.168.129.1.64647: Flags [P.], seq 29765:29889, ack 172, win 251, length 124
19:57:28.319571 IP 192.168.129.1.64647 > 192.168.129.128.ssh: Flags [.], ack 29889, win 255, length 0
19:57:28.320147 IP 192.168.129.1.64647 > 192.168.129.128.ssh: Flags [P.], seq 172:208, ack 29889, win 255, length 36
19:57:28.321273 IP 192.168.129.128.ssh > 192.168.129.1.64647: Flags [.], ack 208, win 251, length 0
19:57:28.321275 IP 192.168.129.1.64647 > 192.168.129.128.ssh: Flags [P.], seq 208:244, ack 29889, win 255, length 36
19:57:28.324172 IP 192.168.129.128.ssh > 192.168.129.1.64647: Flags [.], ack 244, win 251, length 0
19:57:29.754698 IP 192.168.129.1.64647 > 192.168.129.128.ssh: Flags [P.], seq 244:280, ack 29889, win 255, length 36
19:57:29.754728 IP 192.168.129.128.ssh > 192.168.129.1.64647: Flags [.], ack 280, win 251, length 0
19:57:29.754731 IP 192.168.129.128.ssh > 192.168.129.1.64647: Flags [P.], seq 29889:29925, ack 280, win 251, length 36
19:57:29.797976 IP 192.168.129.1.64647 > 192.168.129.128.ssh: Flags [.], ack 29925, win 255, length 0
19:57:30.655841 IP 192.168.129.1.64647 > 192.168.129.128.ssh: Flags [P.], seq 280:316, ack 29925, win 255, length 36
19:57:30.657475 IP 192.168.129.128.55736 > localhost.localdomain.ssh: Flags [P.], seq 3206934467:3206934551, ack 1089442151, win 271, options [nop,nop,TS val 1349103 ecr 1307212], length 84
19:57:30.657510 IP localhost.localdomain.ssh > 192.168.129.128.55736: Flags [.], ack 84, win 250, options [nop,nop,TS val 1349445 ecr 1349103], length 0
19:57:30.657996 IP 192.168.129.128.ssh > 192.168.129.1.64647: Flags [P.], seq 29925:29961, ack 316, win 251, length 36
19:57:30.707908 IP 192.168.129.1.64647 > 192.168.129.128.ssh: Flags [.], ack 29961, win 255, length 0
19:57:30.710629 IP localhost.localdomain.ssh > 192.168.129.128.55736: Flags [P.], seq 1:29, ack 84, win 250, options [nop,nop,TS val 1349498 ecr 1349103], length 28
19:57:30.711412 IP 192.168.129.128.55736 > localhost.localdomain.ssh: Flags [.], ack 29, win 271, options [nop,nop,TS val 1349158 ecr 1349498], length 0
19:57:30.711650 IP 192.168.129.128.55736 > localhost.localdomain.ssh: Flags [P.], seq 84:196, ack 29, win 271, options [nop,nop,TS val 1349158 ecr 1349498], length 112
19:57:30.711680 IP localhost.localdomain.ssh > 192.168.129.128.55736: Flags [.], ack 196, win 250, options [nop,nop,TS val 1349499 ecr 1349158], length 0
19:57:30.724486 IP localhost.localdomain.ssh > 192.168.129.128.55736: Flags [P.], seq 29:529, ack 196, win 250, options [nop,nop,TS val 1349512 ecr 1349158], length 500
19:57:30.765671 IP 192.168.129.128.55736 > localhost.localdomain.ssh: Flags [.], ack 529, win 291, options [nop,nop,TS val 1349212 ecr 1349512], length 0
19:57:30.765783 IP localhost.localdomain.ssh > 192.168.129.128.55736: Flags [P.], seq 529:573, ack 196, win 250, options [nop,nop,TS val 1349553 ecr 1349212], length 44
19:57:30.767025 IP 192.168.129.128.55736 > localhost.localdomain.ssh: Flags [.], ack 573, win 291, options [nop,nop,TS val 1349213 ecr 1349553], length 0
19:57:30.767480 IP 192.168.129.128.55736 > localhost.localdomain.ssh: Flags [P.], seq 196:656, ack 573, win 291, options [nop,nop,TS val 1349214 ecr 1349553], length 460
19:57:30.768531 IP localhost.localdomain.ssh > 192.168.129.128.55736: Flags [P.], seq 573:681, ack 656, win 273, options [nop,nop,TS val 1349556 ecr 1349214], length 108
19:57:30.774315 IP localhost.localdomain.ssh > 192.168.129.128.55736: Flags [P.], seq 681:773, ack 656, win 273, options [nop,nop,TS val 1349561 ecr 1349214], length 92
19:57:30.775300 IP 192.168.129.128.55736 > localhost.localdomain.ssh: Flags [.], ack 773, win 291, options [nop,nop,TS val 1349222 ecr 1349556], length 0
19:57:30.775501 IP 192.168.129.128.ssh > 192.168.129.1.64647: Flags [P.], seq 29961:30061, ack 316, win 251, length 100
19:57:30.817116 IP localhost.localdomain.ssh > 192.168.129.128.55736: Flags [P.], seq 773:857, ack 656, win 273, options [nop,nop,TS val 1349604 ecr 1349222], length 84
19:57:30.817457 IP 192.168.129.1.64647 > 192.168.129.128.ssh: Flags [.], ack 30061, win 254, length 0
19:57:30.821912 IP 192.168.129.128.ssh > 192.168.129.1.64647: Flags [P.], seq 30061:30145, ack 316, win 251, length 84
19:57:30.864363 IP 192.168.129.128.55736 > localhost.localdomain.ssh: Flags [.], ack 857, win 291, options [nop,nop,TS val 1349307 ecr 1349604], length 0
19:57:30.864472 IP 192.168.129.1.64647 > 192.168.129.128.ssh: Flags [.], ack 30145, win 254, length 0
19:57:31.216944 IP localhost.localdomain.57154 > 192.168.129.1.domain: 45319+ PTR? 1.129.168.192.in-addr.arpa. (44)
19:57:32.631211 IP 192.168.129.1.64695 > localhost.localdomain.ssh: Flags [P.], seq 1:53, ack 196, win 250, length 52
19:57:32.631541 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 196:248, ack 53, win 251, length 52
19:57:32.632420 IP 192.168.129.1.64695 > localhost.localdomain.ssh: Flags [P.], seq 53:137, ack 248, win 250, length 84
19:57:32.633494 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 248:320, ack 137, win 251, length 72
19:57:32.675871 IP 192.168.129.1.64695 > localhost.localdomain.ssh: Flags [.], ack 320, win 255, length 0
19:57:32.864301 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [.], seq 320:3240, ack 137, win 251, length 2920
19:57:46.240219 IP localhost.localdomain.50900 > 192.168.129.1.domain: 18847+ PTR? 128.129.168.192.in-addr.arpa. (46)
19:57:46.240640 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 61112:61516, ack 489, win 251, length 404
19:57:46.294865 IP 192.168.129.1.64695 > localhost.localdomain.ssh: Flags [.], ack 61516, win 254, length 0
19:57:56.252751 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 92064:96196, ack 733, win 251, length 4132
19:57:56.253810 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 96196:98120, ack 733, win 251, length 1924
19:57:56.254047 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 98120:100252, ack 733, win 251, length 2132
19:57:56.254211 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 100252:100416, ack 733, win 251, length 164
19:57:56.254403 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 100416:100580, ack 733, win 251, length 164
19:57:56.254572 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 100580:100744, ack 733, win 251, length 164
19:57:56.255033 IP 192.168.129.1.64695 > localhost.localdomain.ssh: Flags [.], ack 100744, win 255, length 0
19:57:56.255043 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 100744:101072, ack 733, win 251, length 328
19:57:56.255147 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 101072:101348, ack 733, win 251, length 276
19:57:56.255213 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 101348:101512, ack 733, win 251, length 164
19:57:56.255277 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 101512:101676, ack 733, win 251, length 164
19:57:56.255348 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 101676:101840, ack 733, win 251, length 164
19:57:56.255410 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 101840:102004, ack 733, win 251, length 164
19:57:56.255478 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 102004:102168, ack 733, win 251, length 164
19:57:56.255551 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 102168:102332, ack 733, win 251, length 164
19:57:56.255686 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 102332:102496, ack 733, win 251, length 164
19:57:56.256062 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 102496:102660, ack 733, win 251, length 164
19:57:56.256266 IP 192.168.129.1.64695 > localhost.localdomain.ssh: Flags [.], ack 102496, win 255, length 0
19:57:56.256581 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 102660:102936, ack 733, win 251, length 276
19:57:56.257012 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 102936:103100, ack 733, win 251, length 164
19:57:56.257463 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 103100:103264, ack 733, win 251, length 164
19:57:56.258090 IP 192.168.129.1.64695 > localhost.localdomain.ssh: Flags [.], ack 103264, win 252, length 0
19:57:56.258405 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 103264:103540, ack 733, win 251, length 276
19:57:56.258839 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 103540:103704, ack 733, win 251, length 164
19:57:56.259255 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 103704:103868, ack 733, win 251, length 164
19:57:56.259700 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 103868:104032, ack 733, win 251, length 164
19:57:56.259979 IP 192.168.129.1.64695 > localhost.localdomain.ssh: Flags [.], ack 104032, win 255, length 0
19:57:56.260261 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 104032:104308, ack 733, win 251, length 276
19:57:56.260712 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 104308:104472, ack 733, win 251, length 164
19:57:56.261185 IP 192.168.129.1.64695 > localhost.localdomain.ssh: Flags [.], ack 104308, win 254, length 0
19:57:56.261354 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 104472:104748, ack 733, win 251, length 276
19:57:56.261518 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 104748:104912, ack 733, win 251, length 164
19:57:56.261803 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 104912:105076, ack 733, win 251, length 164
19:57:56.261877 IP 192.168.129.1.64695 > localhost.localdomain.ssh: Flags [.], ack 104912, win 252, length 0
19:57:56.261973 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 105076:105352, ack 733, win 251, length 276
19:57:56.262110 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 105352:105516, ack 733, win 251, length 164
19:57:56.262252 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 105516:105680, ack 733, win 251, length 164
19:57:56.262543 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 105680:105844, ack 733, win 251, length 164
19:57:56.262884 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 105844:106008, ack 733, win 251, length 164
19:57:56.263036 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 106008:106172, ack 733, win 251, length 164
19:57:56.263175 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 106172:106336, ack 733, win 251, length 164
19:57:56.263310 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 106336:106500, ack 733, win 251, length 164
19:57:56.263583 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 106500:106664, ack 733, win 251, length 164
19:57:56.263907 IP 192.168.129.1.64695 > localhost.localdomain.ssh: Flags [.], ack 106664, win 255, length 0
19:57:56.264000 IP localhost.localdomain.ssh > 192.168.129.1.64695: Flags [P.], seq 106664:106940, ack 733, win 251, length 276

ALLLEX89
关注
2025年最全面SSH远程连接工具推荐:从入门到精通(含新手避坑指南)
awei0916的专栏
04-30 1万+
选择SSH工具时,建议优先考虑易用性和功能匹配度。对于新手,MobaXterm和FinalShell是最友好的选择;开发者可深度集成VS Code;企业用户需关注Xshell或SecureCRT的合规性。无论选择哪款工具,记得始终保持安全意识,定期备份密钥并更新软件!🌟 互动话题:你正在使用哪款SSH工具?遇到过哪些有趣的问题?欢迎在评论区分享你的经验!
查找谁在破解你linux服务器的密码?
凌云客
11-06 3511
首先知道,系统的用户登陆日志文件是/var/log/secure,所以分析统计这文件就可以 #tail -n50 secure-20161219 (可以看到大量Failed password的记录)
ssh管理工具
10-12
ssh工具,用于ssh连接,管理等操作。很实用
SecurecrtSSH管理工具.zip
08-23
SecurecrtSSH管理工具.zip,是一个强大的链接虚拟服务器的工具,实用方便快捷 让你打包发版 畅行无忧 内含注册机 安装简单
ssh keys管理工具
site008的博客
09-14 560
原文地址:https://rtyan.github.io/%E5%B7%A5%E5%85%B7/2017/09/12/ssh-keys-manager.html 引言 我有两个github账户,一个是平时正常使用的,另外一个是用来专门做博客用的, 因为之前常用的那个做博客名字不好看o(╯□╰)o。 这就引发了一个问题,我想在博客账户中添加ssh keys的时候,github会提示 我
Home » cssh:cluster 管理工具 (ssh)
最实用的Linux博客
01-13 4820
 原贴:http://linuxtoy.org/archives/cssh.htmlHome » cssh:cluster 管理工具 (ssh) « ATI Catalyst 8.8 发布 Mosait:制作马赛克效果的拼图 » LinuxTOY 是一个致力于提供 Linux 相关资讯的专题站点。如果您发现了好用好玩的 Linu
SSH员工管理系统
09-30
SSH员工管理系统是一个基于Java开发的综合管理应用,它利用了Spring、Struts2和Hibernate这三个核心框架,构建了一个高效、可扩展的企业级解决方案。SSH框架是Java Web开发中常用的技术栈,结合了Spring的依赖注入...
基于SSH商场管理系统
07-17
**基于SSH商场管理系统详解** SSH(Struts2 + Spring + Hibernate)是一个常见的Java Web开发框架组合,被广泛用于构建高效、稳定的企业级应用,如商场管理系统。SSH框架结合了Struts2的MVC设计模式、Spring的依赖...
基于ssh的人事管理系统
09-26
【基于SSH的人事管理系统】是一种基于Java开发的Web应用程序,主要利用了Struts2、Spring和Hibernate这三大流行开源框架的组合,也被称作“SSH”集成框架。这个系统主要用于企业的内部人事信息管理,旨在提高人力...
简单SSH订单管理系统
10-09
SSH订单管理系统是一个基于Struts2、Spring和Hibernate这三个框架集成的简单应用,旨在实现订单管理的基本功能,包括添加、删除、修改和查询订单。SSH框架是Java Web开发中常用的一种技术栈,它将表现层(Struts2)...
LINUX远程管理工具SSH指南
08-13
LINUX远程管理工具SSH指南,使用SSH远程操作玩LINUX系统的介绍。
SSH登陆器工具(SSHSecureShellClient-3.2.9)
01-22
SSHSecureShellClient-3.2.9 登陆LIUNX,UNIX,开发代码中非常好用,可以FTP上传和下载文件。开发者和系统管理员的必备利器。
精选资源
学生成绩管理系统_ssh版学生成绩管理系统_
09-29
SSH(Struts2、Spring、Hibernate)版的学生成绩管理系统是采用Java Web开发的一种常见架构,它集成了三大框架,提供了高效、稳定且易于维护的解决方案。 1. **Struts2框架**:Struts2是MVC(Model-View-Controller...
常用的SSH工具_SSH管理工具_xshell管理工具
yfx000的专栏
01-04 1292
1MobaXterm 远端电脑的终极工具箱。作为一个单窗口程序,为程序员、网站管理员、IT管理员以及更多需要处理远端任务的用户提供了很多实用的功能。 2FinalShell 一体化的的服务器,网络管理软件,不仅是ssh客户端,还是功能强大的开发,运维工具,充分满足开发,运维需求 3Putty putty是最简单SSH工具,无需安装,支持多系统版本,下载后就可以直接使用,是我刚刚接触生物信息时使用的工具,而且用了两年多。 4 XManager Xmanager是一个工具...
常用ssh管理工具
qq_42499737的博客
07-15 2182
文章目录 finallshell 推荐指数 : 五颗星 xshell 推荐指数: 四颗星 Putty ,secureCRT 推荐指数: 三颗星 MobaXterm 推荐指数: 四颗星 Mosh 推荐指数: 四颗星 总结: 我对一款好用的远程管理工具主要看中几点: 连接稳定,不要动不动就来个断线,想想都闹心。 支持SFTP或者ftp文件传输,上传下载是运维经常做的操作,这个不能省 能够支持X11,也就是Xwindows 美观 以下是用过或者常用的工具,大家按需选择: 1. finallshell
SSH访问控制器:企业级SSH服务管理工具
最新发布
weixin_42513870的博客
05-31 1125
SSH协议最初由Tatu Ylönen于1995年创建,目的是为了替代不安全的远程登录协议,如Telnet和rlogin。SSH通过使用加密和认证机制来确保数据传输的安全性,防止数据在传输过程中被窃听或篡改。SSH访问控制器(SSH AC)是一种网络安全设备,其主要目的是提供对SSH连接的集中管理和控制。通过SSH AC,组织能够确保所有通过SSH协议发起的远程访问请求都遵循既定的安全策略。其定义通常涉及以下几个关键点:身份验证- 确保用户是其声明的身份。授权。
FinalShell SSH管理工具 免费下载
农村打工仔的博客
02-20 477
FinalShell是一体化的的服务器,网络管理软件,不仅是ssh客户端,还是功能强大的开发,运维工具,充分满足开发,运维需求. 特色功能: 免费海外服务器远程桌面加速,ssh加速,本地化命令输入框,支持自动补全,命令历史,自定义命令参数 Windows版下载地址: http://www.hostbuf.com/downloads/finalshell_install.exe macOS版下载地址: http://www.hostbuf.com/downloads/finalshell_install.p
【linux】循序渐进学运维-基础篇-常用ssh管理工具
qq_42499737的博客
07-31 571
文章目录 finallshell 推荐指数 : 五颗星 xshell 推荐指数: 四颗星 Putty ,secureCRT 推荐指数: 三颗星 MobaXterm 推荐指数: 四颗星 Mosh 推荐指数: 四颗星 总结: 大家好,我是高胜寒,本文是Linux运维-循序渐进学运维-基础篇的第45篇文章,本文我们来聊聊运维新手都有哪些可以挑选的SSH管理工具。 话不多说,直接上我常用的ssh管理工具,文末有推荐,大家选择自己喜欢的使用即可: 我对一款好用的远程管理工具主要看中几点: 连接稳定,不要动不动就
远程管理工具SSH的使用方法
VLadimir_的博客
12-22 1391
SSH简介 SSH(Secure Shell)是一种能够以安全的方式提供远程登录的协议,也是目前远程管理Linux 系统的首选方式。在此之前,一般使用 FTP 或 Telnet 来进行远程登录。但是因为它们以明文的形式在网络中传输账户密码和数据信息,因此很不安全,很容易受到黑客发起的中间人攻击,这轻则篡改传输的数据信息,重则直接抓取服务器的账户密码。 想要使用 SSH 协议来远程管理 Linu...
SSH框架入门:简易文件管理系统设计
基于SSH的文件管理系统是一种用于文件存储、检索、更新和删除操作的软件应用程序。它利用SSH框架强大的服务端技术来实现数据的持久化和业务逻辑的处理,通过提供一个图形用户界面或命令行界面,让用户能够方便地管理...
评论
成就一亿技术人!
拼手气红包6.0元
还能输入1000个字符
 
红包 添加红包
表情包 插入表情
表情包 代码片
 条评论被折叠 查看
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值