ssh
SSHһdzΰĹߣҪڻԶӵôSSHѵĺѡͨͶƱѡ25SSHμġ
1SSHԿĿSSH¼
ssh-copy-id user@host
ûԿʹssh-keygenɡ
2ij80˿ڿ2001˿ڵ ssh
ssh -N -L2001:localhost:80 somemachine
ֱhttp://localhost:2001վ
3˷Զ̼
dd if=/dev/dsp | ssh -c arcfour -C username@host dd of=/dev/dsp
˷˿ڵSSHĿ˿źǣܲܶ˻˻
4ȽԶ̺ͱļ
ssh user@host cat /path/to/remotefile | diff /path/to/localfile C
ڱȽϱļԶļǷвʱܹá
5ͨSSHĿ¼/ļϵͳ
sshfs name@server:/path/to/folder /path/to/mount/point
http://fuse.sourceforge.net/sshfs.htmlsshfs簲ȫһĿ¼
6ͨмSSH
ssh -t reachable_host ssh unreachable_host
Unreachable_hostʾӱֱӷʵԴreachable_hostʣͨreachable_hostġءӣunreachable_hostӡ
7ͨĵԣԶ host1 ϵļԶ host2 ϵļ
ssh root@host1 cd /somedir/tocopy/ && tar -cf C . | ssh root@host2 cd /samedir/tocopyto/ && tar -xf -
ֻͬʱ host1 host 2 Dzܷ ncat ģ֮Ҳֱӷʡ
8κԶϵ GUI
ssh -fX <user>@<host> <program>
SSH ˱Ҫ߱
X11Forwarding yes ȷ X11 תǴ
ͬʱҲԴ
Compression delayed
ȻҪܷAС
9Ŀij־û
ssh -MNf <user>@<host>
ں̨Ŀij־ûӣ~/.ssh/configеýʹã
Host host
ControlPath ~/.ssh/master-%r@%h:%p
ControlMaster no
еĿSSHӶʹó־ûSSH֣ʹSSHͬļʹrsync/sftp/cvs/svndzãΪÿδһSSHʱᴴµ֡
10ͨSSH ֱӿԭ screen
ssh -t remote_host screen Cr
ֱӵԶ screen Ựʡõĸbasḥ
11˿ڼ⣨ţ
knock <host> 3000 4000 5000 && ssh -p <port> user@host && knock <host> 5000 4000 3000
һ˿һ´ijĶ˿ڣSSHһ¹رոö˿ڣҪȰװknockdһļʾ
logfile = /var/log/knockd.log
sequence = 3000,4000,5000
seq_timeout = 5
command = /sbin/iptables -A INPUT -i eth0 -s %IP% -p tcp Cdport 22 -j ACCEPT
tcpflags = syn
sequence = 5000,4000,3000
seq_timeout = 5
command = /sbin/iptables -D INPUT -i eth0 -s %IP% -p tcp Cdport 22 -j ACCEPT
tcpflags = syn
12ɾıļеһݣõ
ssh-keygen -R <the_offending_host>
£ʹרҵĹߡ
13ͨSSHиӵԶshell
ssh host -l user $(<cmd.txt)
ֲԵİ汾
ssh host -l user `cat cmd.txt`
14ͨSSHMySQLݿ⸴Ƶ·
mysqldump Cadd-drop-table Cextended-insert Cforce Clog-error=error.log -uUSER -pPASS OLD_DB_NAME | ssh -C user@newhost mysql -uUSER -pPASS NEW_DB_NAME
ͨѹSSHDumpһMySQLݿ⣬Ϊ봫ݸmysqlΪǨݿ·õķ
15ɾıļеһУSSHԿġľ
sed -i 8d ~/.ssh/known_hosts
16һ̨ûSSH-COPY-IDSSHԿƵ
cat ~/.ssh/id_rsa.pub | ssh user@machine mkdir ~/.ssh; cat >> ~/.ssh/authorized_keys
ʹMac OS Xûssh-copy-id*nix֣ԽĹԿƵԶʵSSH¼
17ʵʱSSH
yes | pv | ssh $host cat > /dev/null
ͨSSHӵʾʵʱĴٶȣдָ/dev/nullҪȰװpv
Debian
apt-get install pv
Fedora
yum install pv
Ҫöֿ⣩
18һӵԶGNU screen
ssh -t user@some.domain.com /usr/bin/screen CxRR
ϲһıնдshellỰͻȻжϣ㰴ˡCtrl-a dԶϵshellܵ˿Ӱ죬ӣõscreenСCtrl-a cµshell͡Ctrl-a ashell֮лhttp://aperiodic.net/screen/quick_referenceĶscreenĿٲο
19SCPļ
rsync Cpartial Cprogress Crsh=ssh $file_source $user@$hostdestination_file
ԻָʧܵrsyncͨVPNļ籸ݵݿʱdzãҪߵϰװrsync
rsync Cpartial Cprogress Crsh=ssh $file_source $user@$hostdestination_file local -> remote
rsync Cpartial Cprogress Crsh=ssh $user@$hostremote_file $destination_file remote -> local
20ͨSSH W/ WIRESHARK
ssh root@server.com tshark -f port !22 -w -' | wireshark -k -i C
ʹtsharkԶϵͨţͨSSHӷԭʼpcapݣwiresharkʾCtrl+CֹͣҲرwiresharkڣԴһ-c #tsharkֻ#ָݰͣͨܵضݣֱͨSSHwiresharkҽݰԽԼtsharkʹtcpdump
ssh root@example.com tcpdump -w C port !22 | wireshark -k -i C
21SSHỰô
autossh -M50000 -t server.example.com screen -raAd mysession
һSSHỰ䱣ôʹñʼDZԵûҪWi-Fiȵ֮лԱ֤лᶪʧӡ
22ȶ죬ǿSSHͻ
ssh -4 -C -c blowfish-cbc
ǿʹIPv4ѹʹBlowfishܡ
23ʹcstreamƴ
tar -cj /backup | cstream -t 777k | ssh host tar -xj -C /backup
ʹbzipѹļУȻ777k bit/sԶ䡣CstreamиĹܣhttp://www.cons.org/cracauer/cstream.html#usage˽飬磺
echo w00t, im 733+ | cstream -b1 -t2
24һSSHԿ䵽һ̨
ssh-keygen; ssh-copy-id user@host; ssh user@host
SSH¼ע⣬ڱػ~/.sshĿ¼ѾһSSHԿԣssh-keygenɵԿܻḲǣssh-copy-idԿƵԶӵԶ˺ŵ~/.ssh/authorized_keysļУʹSSHʱûʹԿssh user@hostþͻʾԶshell
25루stdinƵX11
ssh user@host cat /path/to/some/file | xclip
ǷʹscpļƵõϣԱ㸴ݵʼУxclipﵽ㣬Խ븴ƵX11Ҫľǵмճеݡ
ղ0
Ҷ0
Ҳ0
ҳ:
[1]