Ssh Clientseite: Unterschied zwischen den Versionen

Aus Xinux Wiki
Zur Navigation springen Zur Suche springen
Zeile 114: Zeile 114:
 
=Einloggen=
 
=Einloggen=
 
:alice@u3:~$ ssh  bob@u1
 
:alice@u3:~$ ssh  bob@u1
<pre>
 
Welcome to Ubuntu 20.04.3 LTS (GNU/Linux 5.4.0-89-generic x86_64)
 
 
* Documentation:  https://help.ubuntu.com
 
* Management:    https://landscape.canonical.com
 
* Support:        https://ubuntu.com/advantage
 
 
  System information as of Mon 08 Nov 2021 10:58:55 AM UTC
 
 
  System load:  0.08              Processes:            104
 
  Usage of /:  18.5% of 24.48GB  Users logged in:      0
 
  Memory usage: 9%                IPv4 address for eth0: 10.0.10.53
 
  Swap usage:  0%                IPv4 address for eth1: 172.16.10.1
 
 
* Super-optimized for small spaces - read how we shrank the memory
 
  footprint of MicroK8s to make it the smallest full K8s around.
 
 
  https://ubuntu.com/blog/microk8s-memory-optimisation
 
 
33 updates can be applied immediately.
 
To see these additional updates run: apt list --upgradable
 
 
Failed to connect to https://changelogs.ubuntu.com/meta-release-lts. Check your Internet connection or proxy settings
 
 
 
Last login: Mon Nov  8 10:58:49 2021 from 192.168.0.3
 
</pre>
 
 
:bob@u1:~$
 
:bob@u1:~$
  
 
=SSH Optionen=
 
=SSH Optionen=
 
*[[Ausgewählte SSH Optionen]]
 
*[[Ausgewählte SSH Optionen]]

Version vom 8. November 2021, 11:00 Uhr

Erster Verbindungsaufbau

alice@u3:~$ ssh bob@u2
The authenticity of host 'u2 (172.16.10.2)' can't be established.
ECDSA key fingerprint is SHA256:Dp+DL5apc0A3rsUKCPcvbLSBmb4BSQXDsJGLJR0r0GA.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
bob@u2's password:
bob@u2:~$

Exit

bob@u2:~$ exit
alice@u3:~$ cat .ssh/known_hosts
|1|5BdpwWv6AjvkrERbWPK0NCdeWiY=|XEQyvQ0nw5bIIM7UHd6rbJwIA1A= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNmNwRv2mqfgV3SwvASy48CIjb4oSmxqcQf7e28dCYQxGRfIXiQK5HYKagkqsfBgai+iIiLKDrkav7tvqX0XsAQ=
|1|m9IwDx96MLYRVu8WE49HjWRcdyk=|CVTp1yv65aqMW6Y1zWngj0j1oW8= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNmNwRv2mqfgV3SwvASy48CIjb4oSmxqcQf7e28dCYQxGRfIXiQK5HYKagkqsfBgai+iIiLKDrkav7tvqX0XsAQ=
Der Publikkey des Server u3 wurde hinzugefügt

Befehl ausführen

alice@u3:~$ ssh bob@u2 hostname
bob@u2's password:
u2

alternativer Aufruf

alice@u3:~$ ssh -l bob u2
bob@u2's password:
bob@u2:~$

Angabe eines speziellen Ports

alice@u3:~$ ssh -p 8822 -l bob u2
bob@u2's password:
bob@u2:~$

Schlüsselpaar erzeugen

alice@u3:~$ ssh-keygen -b 4096
Generating public/private rsa key pair.
Enter file in which to save the key (/home/alice/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/alice/.ssh/id_rsa
Your public key has been saved in /home/alice/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:PrjyG7hdgYyB8o3G6AylcbWvmPjjJr29l4yGS7uAR44 alice@u3
The key's randomart image is:
+---[RSA 4096]----+
|    .            |
|   o .           |
|o + o            |
| X o = .         |
|+ * o + S        |
|=* o o o .       |
|E+*.ooo.+        |
|.==o+o++ .       |
| +B*+==.         |
+----[SHA256]-----+

Schlüsselpaar

  • Wir haben nun ein Schlüsselpaar erzeugt.
  • Der geheime Schlüssel ist passwort-geschützt.
  • Dieses Passwort wird beim erstmaligen Nutzen nach dem Einloggen abgefragt.
  • Danach befindet sich der geheime Schlüssel im Arbeitsspeicher.
  • Er wird von dem SSH-Agent verwaltet.

Das Schlüsselpaar

alice@u3:~$ ls .ssh/id_rsa*
.ssh/id_rsa  .ssh/id_rsa.pub

Übetragen des Publik Keys zu bob@u2

alice@u3:~$ ssh-copy-id bob@u2
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/alice/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
bob@u2's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'bob@u2'"
and check to make sure that only the key(s) you wanted were added.

Der Private Key ist noch nicht im Arbeitsspeicher

alice@u3:~$ ssh-add -l
The agent has no identities.

Wir fügen den Private Key zum Agent hinzu

alice@u3:~$ ssh-add
Enter passphrase for /home/alice/.ssh/id_rsa: 
Identity added: /home/alice/.ssh/id_rsa (alice@u3)

Der Private Key ist nun im Arbeitsspeicher und wird vom Agent verwaltet

alice@u3:~$ ssh-add -l
4096 SHA256:PrjyG7hdgYyB8o3G6AylcbWvmPjjJr29l4yGS7uAR44 alice@u3 (RSA)

Einlogen ohne Passwort

alice@u3:~$ ssh bob@u2
bob@u2:~$

Einloggen ohne Passwort

alice@u3:~$ ssh bob@u2
Enter passphrase for key '/home/alice/.ssh/id_rsa': 
bob@u2:~$

Wir bringen nun den Public-Key von alice auf den Account bob@u1

alice@u3:~$ ssh-copy-id bob@u1
The authenticity of host 'u1 (172.16.10.1)' can't be established.
ECDSA key fingerprint is SHA256:Dp+DL5apc0A3rsUKCPcvbLSBmb4BSQXDsJGLJR0r0GA.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
bob@u1's password:
Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'bob@u1'"
and check to make sure that only the key(s) you wanted were added.
alice@u3:~$

Einloggen

alice@u3:~$ ssh bob@u1
bob@u1:~$

SSH Optionen

Abgerufen von „http://wiki.ixheim.de/index.php?title=Ssh_Clientseite&oldid=29433