IDC资讯中心
——————————————————————————–
本文件说明如何在 linux 上安装、使用 ssh2.
——————————————————————————–
一、版权说明
本文件将遵循gpl发布
二、软件取得
1 redhat 6.2
2 ssh2 server
rpm : ssh-commercial-server-2.2.0-2nox.i386.rpm
source: ssh-2.2.0.tar.gz
3 ssh2 client
rpm : ssh-commercial-workstation-2.2.0-2.i386.rpm
http://www.ssh.com
三、软件安装
说明:remote host name :remote (server) 192.168.1.222
local host name :local (client) 192.168.1.223
1 安装 redhat6.2
2 安装 ssh2 server(remote host)
使用 rpm
[root@remote root]# rpm -ivh ssh-commercial-server-2.2.0-2nox.i386.rpm
使用 source
[root@remote root]# tar xzvf ssh-2.2.0.tar.gz
# cd ssh-2.2.0
# ./configure
# make
# make install
3 安装 ssh2 clinet(local host)
[root@local root]# rpm -ivh ssh-commercial-workstation-2.2.0-2.i386.rpm
四、系统配置
1.在 remote host 启动sshd
[root@remote root]/usr/loca/sbin/sshd2
2 在 local host 添加用户账号 如 bill
[root@local root] useradd bill
[root@local root] passwd bill
3 在client 上建立用户的公共和私人密钥
以bill登陆到 local host 上
[bill@local local]$ ssh-keygen
generating 1024-bit dsa key pair
9 o.ooo..ooo.o
key generated.
1024-bit dsa, created by bill@local wed sep 23 07:11:02 1998
passphrase :输入一些字符,不超过20个
again :重复输入一遍
private key saved to /home/bill/.ssh2/id_dsa_1024_a
4 在client 上建立用户的认证文件
以bill登陆到 local host 上
[bill@local local]$cd ~/.ssh2
[bill@local local]$echo “idkey id_dsa_1024_a” > identification
4. 在 remote host 添加用于远程登陆的用户账号 如 bill
[root@remote root]# useradd bill
[root@remote root]# passwd bill
5. 以bill登陆到 remote host 上
[bill@remote local]$ ssh-keygen
generating 1024-bit dsa key pair
9 o.ooo..ooo.o
key generated.
1024-bit dsa, created by bill@local wed sep 23 07:11:02 1998
passphrase :输入一些字符,不超过20个
again :重复输入一遍
private key saved to /home/bill/.ssh2/id_dsa_1024_a
6. 以bill登陆到 local host
[bill@local local]$ cd ~
[bill@local local]$ cp ./.ssh2/id_dsa_1024_a.pub local.pub
以bill ftp remote host
[bill@local bill]$ ftp local
ftp> lcd ~/.ssh2
ftp> cd ~/.ssh2
ftp> put local.pub
ftp> bye
以bill telnet remote host
[bill@local bill]$ telnet local
[bill@remote bill]$ cd ~/.ssh2
[bill@remote .ssh2]$echo “key local.pub” > authorization
五 测试
在local host
[bill@local bill]$ ssh remote
passphrase for key “/home/bill/.ssh2/id_dsa_1024_a” with comment “1024-bit d: 输入前面输入的一些字符
authentication successful.
[bill@remote bill]$ netstat -n
active internet connections (w/o servers)
proto recv-q send-q local address foreign address state
tcp 0 252 192.168.1.222:22 192.168.1.223:3532 established
active unix domain sockets (w/o servers)
proto refcnt flags type state i-node path
unix 9 [ ] dgram 436 /dev/log
unix 0 [ ] stream connected 177 @00000016
unix 0 [ ] dgram 771
unix 0 [ ] dgram 753
unix 0 [ ] dgram 672
unix 0 [ ] dgram 636
unix 0 [ ] dgram 590
unix 0 [ ] dgram 575
unix 0 [ ] dgram 523
unix 0 [ ] dgram 458
unix 0 [ ] dgram 446
[bill@local bill]$ sftp remote
passphrase for key “/home/bill/.ssh2/id_dsa_1024_a” with comment “1024-bit d:
sftp> ls -l
drwxr-xr-x 5 bill bill 4096 jul 12 6:29 desktop/
-rwxr-xr-x 1 bill bill 333 jul 12 6:29 .emacs*
-rw-r–r– 1 bill bill 24 jul 12 6:29 .bash_logout
-rw-r–r– 1 bill bill 230 jul 12 6:29 .bash_profile
-rw-r–r– 1 bill bill 124 jul 12 6:29 .bashrc
drwxr-xr-x 3 bill bill 4096 jul 12 6:29 .kde/
-rw-r–r– 1 bill bill 435 jul 12 6:29 .kderc
-rw-r–r– 1 bill bill 3394 jul 12 6:29 .screenrc
-rw——- 1 bill bill 316 jul 12 16:31 .bash_history
drwxr-xr-x 3 bill bill 4096 jul 12 16:00 .ssh2/
sftp>
六 结束
tao chou (周涛) tao_chou@21cn.com
