|
«典故-蘇東坡扒灰 |
幸存者游戏给出的12个启示»
ssh的配置
calfen | 12 九月, 2005 18:02 (2578 Reads)
网管不在,需要自己配ssh,几年前配过,早就忘了,今天重新梳理了一遍。 为防止几年后再去网上乱找相关的资料,谨记于此。
1.安装(以ssh-3.2.5为例,root身份): 先删除openssh
(adv2) rpm -e openssh-clients-3.1p1-2
rpm -e openssh-askpass-gnome-3.1p1-2
rpm -e openssh-askpass-3.1p1-2
rpm -e openssh-server-3.1p1-2
rpm -e openssh-3.1p1-2 (adv3) rpm -e netdump-0.6.10-2
rpm -e desktop-printing-0.1.10-15.1
rpm -e kdebase-3.1.3-5.2
rpm -e openssh-askpass-gnome-3.6.1p2-18
rpm -e openssh-askpass-3.6.1p2-18
rpm -e openssh-server-3.6.1p2-18
rpm -e openssh-clients-3.6.1p2-18
rpm -e openssh-3.6.1p2-18 开始安装 gunzip ssh-3.2.5.tar.gz
tar xvf ssh-3.2.5.tar
cd ssh-3.2.5
./configure
make
make install 随系统自动启动
(Linux):
cp ssh-3.2.5/startup/linux/redhat/sshd2 /etc/init.d/sshd2.init
cd /etc/rc2.d
ln -s ../init.d/sshd2.init S99sshd2
cd /etc/rc3.d
ln -s ../init.d/sshd2.init S99sshd2 (FreeBSD):
cp ssh-3.2.5/startup/linux/redhat/sshd2 /usr/local/etc/rc.d/sshd2.sh
至此,SSH安装完毕 2.本地机自动登陆远程机(普通用户,如webdev)
在本地机:
cd .ssh2
ssh-keygen2 -P
cd
cd .ssh2
echo "IdKey id_dsa_2048_a" > identification 将id_dsa_2048_a.pub上传至FTP,可更名为pub01_2048.pub
(多个pub同样,id_dsa_2048_a.pub更名以便区分) 在远程机:
cd
cd .ssh2 从FTP下载pub01_2048.pub
echo "Key pub01_2048.pub" > authorization 多个PUB则下载所有的pub key
然后编辑$HOME/.ssh2/authorization,文件内容类似于:
Key pub01_2048.pub
Key pub02_2048.pub
~
Key pubxx_2048.pub 配置完毕,从本地机以该用户身份可以直接登陆而不需要输入口令
$ssh user@remote_host
($ssh -l user remote_host)
为便于配置其它前台机器,将第一台的.ssh2目录压缩上传FTP,
然后其它机器下载解压到同样目录即可. 常见问题:
1、删除openssh相关rpm时提示某个包需要这个包
先删除提示中出现的rpm包。 Host type................: i686-pc-linux-gnu
CC.......................: gcc
CPPFLAGS.................:
CFLAGS...................: -D_GNU_SOURCE -g -O2 -Wall -Wno-unknown-pragmas -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64
LDFLAGS..................:
LIBS.....................: -lm -lbsd -lnsl -lbsd -lcrypt -lutil -lncurses -ltermcap -ldl -lcrypt -lnsl -L/usr/local/lib -lutil
X includes...............: NO
X libraries..............: NO Debug enabled............: light
IPv6 support.............: yes
RSA support..............: yes
SSH1 internal emulation..: yes
SSH1 fallback capability.: no
Kbd-interactive in server: yes
Submethods.............: pam passwd plugin
Kbd-interactive in client: yes
PAM support in server....: yes
PAM support in client....: yes
SecurID support in server: no
SecurID support in client: yes
Kerberos5 support........: no
TCP Wrappers support.....: no
Terminal capability lib..: terminfo
X11 SECURITY extension...: no PTY Type.................: ptmx Installation prefix......: /usr/local
bin directory............: /usr/local/bin
sbin directory...........: /usr/local/sbin
man directory............: /usr/local/man
ssh2 etc directory.......: /etc/ssh2
PID-file directory.......: default
文章真實引用網址:http://blog.luluchina.com/blog/trackback.php?id=39
发表评论
|
