立你斯學習記錄

1. You have to enable SSHD using systemctl

** systemctl - Control the systemd system and service manager

[root@stk /]# su
[root@stk /]# systemctlenable sshd.service

2. Start SSHD using this command "systemctl start sshd.service"

[root@stk/]# systemctl start sshd.service

Check the status of SSHD service using "systemctl status sshd.service"

[root@stk /]# systemctl status sshd.service

sshd.service - OpenSSH server daemon.
Loaded: loaded (/lib/systemd/system/sshd.service; enabled)
Active: active (running) since Sun, 11 Dec 2011 11:53:53 +0400; 1 day and 22h ago
Main PID: 835 (sshd)
CGroup: name=systemd:/system/sshd.service
835 /usr/sbin/sshd -D

Restart SSHD service : "systemctl restart sshd.service"

[root@stk /]#systemctl restart sshd.service

Stop SSHD service : "systemctl restart sshd.service"

[root@stk /]# systemctl stop shd.service

1. 第一次連上SSH時若local 未曾連過會出現如下訊息. 按Yes 後host 的public key就會存在 \HKEY_KUSER\Software\SimonTatham\Putty\SshHostKeys

rsa2@ip=0x10001, {key value}

之後再登入就不會再出現

2. SSH 登入出現 Read from socket failed: Connection reset by peer

key 不對所以無法連線.

可能原因之一:

Server 的/etc/ssh底下的key 檔案權限太open, 所以key 未被 sshd 載入, 故無法生效.

解法:

在Server機器,

> cd /etc/ssh/

> chmod 644 ssh_host_xxx_key.pub

> chmod 600 ssh_host_xxx_key

再重新載入 sshd:

> service sshd stop

> service sshd start

> netstat -tl

3. 如何建立不用輸入密碼登入:

Local 端:

(a) $ ssh-keygen -t rsa

在 /home/user/.ssh/ 目錄下產生 id_rsa (private key) 及id_rsa.pub (public key)

(b) copy id_rsa.pub 到 server的 ~/.ssh目錄

Server 端:

(c) 將public key 轉存到 authorized_keys 檔案中 

> cd ~/.ssh

> cat ../id_rsa.pub >> authorized_keys

好了直接在 local 端登入看看

$ssh user@ip