Ubuntu下使用SSH 命令用于登录远程桌面
问题描述
工作经常需要在一台电脑(本地主机)上写代码,另一台电脑(服务器,计算力强)上进行训练,两台电脑上都安装的是Ubuntu18.04,为了在local主机下可以随时跑程序,调代码,同时省流量而且迅速(不考虑这些的话用teamviewer也行),所以在两台电脑主机上进行SSH配置。
基础:ssh命令连接
step1:SSH程序的安装
确保在服务器上安装好了openssh-server程序,在本地主机上安装好了openssh-client程序。
sudo apt install openssh-client #本地主机运行此条,实际上通常是默认安装client端程序的
sudo apt install openssh-server #服务器运行此条命令安装
当然有兴趣也可以尝试两台电脑服务器客户端都安装,互相访问。
step2:服务器启动ssh服务
以下命令都只针对服务器端(server only)。
一般服务器上安装ssh完成后,会自动启动ssh服务,并且默认随系统启动,如果没有,请手动启动:
sudo /etc/init.d/ssh start #服务器启动ssh-server服务,
其他命令:
sudo /etc/init.d/ssh stop #server停止ssh服务
sudo /etc/init.d/ssh restart #server重启ssh服务
step3:查询服务器的ip地址
在服务器终端运行以下命令:
ifconfig #查询ip地址,在返回信息中找到自己的ip地址
比如我的服务器IP: 192.168.0.101
step4:在本地主机端ssh远程登录服务器
这一步需要知道服务器的用户名(我的服务器名字是yj)及IP地址。
在本地主机上运行以下命令:
用户端连接服务器用于登录远程桌面(以下user时远程主机的用户名)
uu@uu-HP-EliteBook-6930P-Notebook-PC:~$ ssh [email protected]
uu@uu-HP-EliteBook-6930P-Notebook-PC:~$ ssh -l yj 192.168.0.101
如果需要调用图形界面的话,用-X:
uu@uu-HP-EliteBook-6930P-Notebook-PC:~$ ssh -X [email protected]
初次登录时会出现以下信息,请记住要输入的密码是服务器主机本身的登陆密码:
uu@uu-HP-EliteBook-6930P-Notebook-PC:~$ ssh -X [email protected]
[email protected]'s password:
Welcome to Ubuntu 18.04 LTS (GNU/Linux 4.15.0-29-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
* Canonical Livepatch is available for installation.
- Reduce system reboots and improve kernel security. Activate at:
https://ubuntu.com/livepatch
183 packages can be updated.
10 updates are security updates.
Last login: Tue Aug 7 15:26:51 2018 from 192.168.0.103
/usr/bin/xauth: file /home/yj/.Xauthority does not exist
yj@yj-Vostro-20-3015:~$
以上表示连接到服务器成功,且命令提示副前的用户名@主机名
由本地主机变成服务器的信息,即表明现在该终端所有的命令都是在服务器中执行。
yj@yj-Vostro-20-3015:~$ ls
Android Documents Pictures 'Untitled Document 1'
AndroidStudioProjects Downloads Public Videos
a.out examples.desktop snap
Desktop Music Templates
yj@yj-Vostro-20-3015:~$
step5:退出远程登录
用Ctrl+D或者
exit
yj@yj-Vostro-20-3015:~$ logout
Connection to 192.168.0.101 closed.
uu@uu-HP-EliteBook-6930P-Notebook-PC:~$
进阶:利用公钥省去口令输入
如果觉得每次登录远程主机都需要输入密码是很不便捷的,可以利用密钥对进行连接,主要思路是:生成一对公钥私钥,私钥在local主机上,公钥在远程服务器上,每次建立ssh连接自动检查密钥对是否匹配。
step1 生成密钥对
ssh-keygen -t rsa #-t表示选择类型,类型为rsa
执行以后会在$HOME目录下生成一个.ssh文件夹,其中包含私钥文件id_rsa
和公钥文件id_rsa.pub
。
uu@uu-HP-EliteBook-6930P-Notebook-PC:~$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/uu/.ssh/id_rsa):(此处我直接回车)
Enter passphrase (empty for no passphrase):(此处提示不输入或者至少5位密码)
Enter same passphrase again:(重复确认输入上面的密码)
Your identification has been saved in /home/uu/.ssh/id_rsa.
Your public key has been saved in /home/uu/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:NBd/SyuCvCWUeUQk6aeBh/CBH/Mv/tPFgAlmnxHsLwM uu@uu-HP-EliteBook-6930P-Notebook-PC
The key's randomart image is:
+---[RSA 2048]----+
| . .=*. |
| o + ==oo |
| + @*+o=. o |
| =+E=B .o o |
| .S*o..oo |
| o++...o |
| ... + . |
| . . . |
| ... |
+----[SHA256]-----+
uu@uu-HP-EliteBook-6930P-Notebook-PC:~$
step2 复制公钥至服务器
uu@uu-HP-EliteBook-6930P-Notebook-PC:~$ cd /home/uu/.ssh/
uu@uu-HP-EliteBook-6930P-Notebook-PC:~/.ssh$ ls
id_rsa id_rsa.pub known_hosts
有兴趣可以研究下三个文件里面内容:
1,
uu@uu-HP-EliteBook-6930P-Notebook-PC:~/.ssh$ gedit id_rs
(gedit:29037): Gtk-WARNING **: 17:08:50.573: Attempting to read the recently used resources file at '/home/uu/.local/share/recently-used.xbel', but the parser failed: Failed to open file “/home/uu/.local/share/recently-used.xbel”: Permission denied.
id_rsa:
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,3D2E817060F72902B2425478B99728BC
qKyrr0oi3pL+H6X8osKYA+Gba5h2a763ei4iZEnUUf3jk9KXjPeF0gZ4akZ3wON/
y8i1DcMC6O10W+JqjHwqkhk/UpzyEo5djcl6nWxFjTrmuQFrBQt0jNusN5wx32dM
uyK23xS7j8adLkxRWhccRKrUPqK/f7rT7PAgFYwpPIuDh9hhCFGOgzVXF3vtCfDy
GKhvAvdOe1+VSksqZELqGMdzT/7vLvWpgbHVvk36GVJHI2LNw8jyoWLuApL2mzb1
fI6VoCUrZ2+6SiFgjZSJFv5KymLTmpdV2vMXH7mN57Is4HAx5wP8CkfqswdSic3I
GBgf1iPgCMayKh1JaD/ROzKnvM32pgmHQmiSpzKOTE/Dqyd4AXN+Z0/8DEo8g8VG
2zm65uxwXVutRg8eLhCAzINdYb1caGAtiGdJyRs2usFe2B86z4dqhsVKItSDYglP
PdSUsKXzXEANgpPRWoWqtMMNm6J1hzArOjdwUW2VQ15wNvckvJJ/JHhi2+IsixMJ
hpjkbh9xCijRBlWF/gNBcF1Ku3uwIZcOyLKwHwuKpGfD2BO+epr2vJWOWaE8Xejx
iL6TqVWXwdkB7jnpDa5QXtt2acq6jiIDChkvQXf2LigjyaiQ5my++g993h6TRSGR
LMaCe446+6lqihhVg/TRNcNGHQMwrmzByaHqVTW3/t76ZszxIFqKvxnTu1SJEnE4
E1KJ750F0FBSHORXS09zEy4ViXAxT4Uzqm5FugPp6zs5TSOrVVpAvAtRHEeNH3N9
6v9Kxuncg3JSqGKCskFBWHGMfDE9mJkj2i/QT4AQTwqnCv2kLZC+o95iHX7SZK90
/9p750BmnXfQlIYsswUg49AIJqxYr//+UfIIQ196AvrCcwMnCH6KXtllwN0c0GHq
DSIV/IZ+ODtPKxH1z2n9HLioNi33DDemIg4vJNyeXRyynGllJfwHVA/apsGqYFGS
B/nn2waT7WWFxv19UugF/VhQAn3XnAEI8+sjs4ESc/VoEa4fM0/wNir2EVO/ppTn
9M1b9nSJrOdOrnqOXOo60dRmVptFtSfVZjWEzP1dW6L+B5clp5SCNXwRu+9z8rrd
a0Z1+v/sOfvLpEGhIdTf32VJIlsoZwbscPs18oEX4hq0u2Z8GwdKaxB34FS4A19L
4K4xuBUC+YbYbwPZ/3L5GL50pyxyEOTn60r08Dz0hqiaJf33KPJK/kuBQjt2S18Q
ApwjqiNcosACoh/AaTSV9LTE3b+QuAlEFqt7BPaGCk3IrGH0hssuhhR1R3sa6ohD
oggpoXCnt9nypG5rNFJphYtUIUJFUyLLHoh95yvbf3tXC/x/0DCSi4oF66W/r7C9
BQCd3KynmAyOrBeijiAm7zLQB2Vb9Jc2mu+NwGiW0P2V28rprK7PvcbDi1Xz6obm
jtS4Yl8cxqnSDyLRYTvxVE3CL5Ea2B0Ak5lWmcnjKf7+sWzoHOKEK4XvvROyzMoQ
hd39VkiHOmaPzyukedG4AXI6Ks18Ugb4hCXP+EH9QZJZ3HZg4xRhxP97Y29XB13I
VB0d0RdfJ8YzXvhnCvbNDlZK1w5vZ/80Sb5Lw0Ls7ubVV7tJvZySimYXrd0+bHwP
-----END RSA PRIVATE KEY-----
2,
uu@uu-HP-EliteBook-6930P-Notebook-PC:~/.ssh$ gedit id_rsa.pub
(gedit:29113): Gtk-WARNING **: 17:17:15.278: Attempting to read the recently used resources file at '/home/uu/.local/share/recently-used.xbel', but the parser failed: Failed to open file “/home/uu/.local/share/recently-used.xbel”: Permission denied.
id_rsa.pub :
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC34bJxhL5t6Oitf26H4IshLH1+LcoEXRUseZbOnqjizIufLWDOu7cbNT9pOewhqCg/QHYVA/agq7esMhlAK4PkSs9tSP2CVXcGpRggOZhVBv7t46M5pivr/WRK7zljvHjUEP1M/APP7ZhQqVW0CtegYDmbUJAaQUctT6SU+0lSOKTh34M6LgodWXvXkY2DIf8CxM9mePcU2xL6C/rUsYLAWSyBxWB0r5IbVF8YmNhLAeSA6iC4Lipo2v9OiHv5S8t5r2UHtX/2MRNPpE3Q6BJLaAI183Cm9g9Z2QKJDXD4BbU5IIbYx+js5AdRkmiX6NZC/v35ro0SH0t8oKDaUv+V uu@uu-HP-EliteBook-6930P-Notebook-PC
3,
uu@uu-HP-EliteBook-6930P-Notebook-PC:~/.ssh$ gedit known_hosts
known_hosts:
lZL4arOQ1ROwb+ps/OCBm3fs=|bszS07vEe3A/uMjK6cSR6tLgUos= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDP+Zmn70mQuJXC8AvpFE+mNAGxrsXyOPy4oYtipU2VYhvs0EINhKwQ6NPqQWQMgxIrwQce6pUKVjF44HQAjg5Q=
*******************************************************************************************************************************************************
登陆服务器
$ ssh [email protected]
在服务器上创建.ssh文件夹
$ mkdir .ssh
为了保证.ssh文件夹的安全,应取消其他用户对文件夹的所有权限
$ chmod 700 .ssh
退出登录
$ exit
本地主机的公钥复制到远程服务器,作为已认证密钥
$ scp /home/uu/.ssh/id_rsa.pub [email protected]:/home/yj/.ssh/authorized_keys
*******************************************************************************************************************************************************
因为我的两台电脑都安装服务器和客户端,所以服务器端.ssh已经存在,操作复杂了点
uu@uu-HP-EliteBook-6930P-Notebook-PC:~$ ssh [email protected]
[email protected]'s password:
Welcome to Ubuntu 18.04 LTS (GNU/Linux 4.15.0-29-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
* Canonical Livepatch is available for installation.
- Reduce system reboots and improve kernel security. Activate at:
https://ubuntu.com/livepatch
183 packages can be updated.
10 updates are security updates.
Last login: Tue Aug 7 16:48:37 2018 from 192.168.0.103
yj@yj-Vostro-20-3015:~$ mkdir .ssh
mkdir: cannot create directory ‘.ssh’: File exists
yj@yj-Vostro-20-3015:~$ ls
Android Documents Pictures 'Untitled Document 1'
AndroidStudioProjects Downloads Public Videos
a.out examples.desktop snap
Desktop Music Templates
yj@yj-Vostro-20-3015:~$ cd .
./ .cache/ .gphoto/ .mozilla/
../ .config/ .gradle/ .ssh/
.android/ .dbus/ .java/
.AndroidStudio3.1/ .gnupg/ .local/
yj@yj-Vostro-20-3015:~$ cd .ssh/
yj@yj-Vostro-20-3015:~/.ssh$ ls
known_hosts
yj@yj-Vostro-20-3015:~/.ssh$ gedit known_hosts
Unable to init server: Could not connect: Connection refused
(gedit:3738): Gtk-WARNING **: 17:34:31.696: cannot open display:
yj@yj-Vostro-20-3015:~/.ssh$ exit
logout
Connection to 192.168.0.101 closed.
uu@uu-HP-EliteBook-6930P-Notebook-PC:~$ ssh -X [email protected]
[email protected]'s password:
Welcome to Ubuntu 18.04 LTS (GNU/Linux 4.15.0-29-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
* Canonical Livepatch is available for installation.
- Reduce system reboots and improve kernel security. Activate at:
https://ubuntu.com/livepatch
183 packages can be updated.
10 updates are security updates.
Last login: Tue Aug 7 17:24:38 2018 from 192.168.0.103
yj@yj-Vostro-20-3015:~$ cd ./
.android/ Documents/ Music/
Android/ Downloads/ Pictures/
.AndroidStudio3.1/ .gnupg/ Public/
AndroidStudioProjects/ .gphoto/ snap/
.cache/ .gradle/ .ssh/
.config/ .java/ Templates/
.dbus/ .local/ Videos/
Desktop/ .mozilla/
yj@yj-Vostro-20-3015:~$ cd .ssh/
yj@yj-Vostro-20-3015:~/.ssh$ ls
known_hosts
但正好有兴趣,看看known_hosts里面内容
yj@yj-Vostro-20-3015:~/.ssh$ gedit known_hosts
(gedit:3827): Gtk-WARNING **: 17:35:59.648: Attempting to read the recently used resources file at '/home/yj/.local/share/recently-used.xbel', but the parser failed: Failed to open file “/home/yj/.local/share/recently-used.xbel”: Permission denied.
known_hosts:
|1|J2SdLKY0r3AglSc40RoZ6DZaDhQ=|gbeYMqGPeNUl28UDArkNtv4YB3k= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDbfjorfu+TOE6oYeliMTCvRvyjVS4SUpI7FBjiq2Ha4nMReNEhZk4p/ycwcDHuQy++IpJpO2vraPT+U065jz9E=
yj@yj-Vostro-20-3015:~$ chmod 700 .ssh/
yj@yj-Vostro-20-3015:~$ exit
logout
Connection to 192.168.0.101 closed.
uu@uu-HP-EliteBook-6930P-Notebook-PC:~$ scp /home/uu/.ssh/id_rsa.pub [email protected]:/home/yj/.ssh/authorized_keys
[email protected]'s password:
id_rsa.pub 100% 418 32.3KB/s 00:00
uu@uu-HP-EliteBook-6930P-Notebook-PC:~$