首先 Mac 不像 Windows 需要類似 XShell 這樣的客戶端進行SSH連接,直接使用終端即可。
一、首先查看 IP 地址
我這裏是使用的 Ubuntu 18.04 的模擬器。
-
輸入命令:
ifconfig
-
需要安裝 net-tools:
apt install net-tools
-
安裝成功後,再次
ifconfig
二、ssh 登錄
- ssh 登錄 root 用戶
使用ssh root@IP地址
或者ssh -p 22 root@IP地址
命令
出現錯誤:➜ ~ ssh [email protected] ssh: connect to host 192.168.139.129 port 22: Connection refused ➜ ~ ssh -p 22 [email protected] ssh: connect to host 192.168.139.129 port 22: Connection refused
- 檢查服務端 ssh 服務是否開啓
沒有找到 sshd ,說明 ssh 服務沒有啓動,需要開啓 ssh 服務。ps -e | grep sshd
三、啓動服務器的 ssh
- 開啓 ssh 服務
service ssh start
- 更新源列表
apt-get update
- 安裝 openssh-server
apt-get install openssh-server
- 再次查看 ssh 服務是否啓動
四、ssh 登錄
- 連接 root 用戶
➜ ~ ssh [email protected]
The authenticity of host '192.168.139.129 (192.168.139.129)' can't be established.
ECDSA key fingerprint is SHA256:rVB8kHFOI0hCUyibvY6w5TfDF6I+5z0qG2jcVIxi94c.
Are you sure you want to continue connecting (yes/no)? yes
- 輸入 root 用戶密碼
Warning: Permanently added '192.168.139.129' (ECDSA) to the list of known hosts.
[email protected]'s password:
- 權限被拒絕
Permission denied, please try again.
這種情況,很大的可能是由於服務器默認禁止 root 用戶進行 ssh 遠程登錄。
- 嘗試普通用戶登錄,排除配置問題
➜ ~ ssh [email protected]
[email protected]'s password:
- 輸入用戶密碼,普通用戶登錄成功。
Welcome to Ubuntu 18.04.2 LTS (GNU/Linux 4.18.0-17-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
* Canonical Livepatch is available for installation.
- Reduce system reboots and improve kernel security. Activate at:
https://ubuntu.com/livepatch
167 個可升級軟件包。
75 個安全更新。
Your Hardware Enablement Stack (HWE) is supported until April 2023.
The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.
ff@FF-VM:~$
到這裏就基本確定了就是,服務器禁止 root 用戶進行 ssh 遠程登錄了。
五、允許 root 用戶 ssh 登錄
- 修改 sshd_config
注意,安裝了 openssh 纔會有這個文件,如果文件不存在請檢查是否安裝了 openssh。
vim /etc/ssh/sshd_config
- 配置 PermitRootLogin
- 檢查是否有
PermitRootLogin
- 存在
PermitRootLogin ...
的話(...
代表任何語句),全部修改爲PermitRootLogin yes
- 不存在
PermitRootLogin
的話,增加PermitRootLogin yes
不過這裏有問題,正常情況下 PermitRootLogin
應該也是黃色高亮的。
我嘗試了多次,還是不能高亮,不管了先保存。
- 重啓 ssh 服務
/etc/init.d/ssh restart
- 連接 root 用戶
➜ ~ ssh [email protected]
[email protected]'s password:
Permission denied, please try again.
依然權限被拒絕,說明配置 PermitRootLogin yes
沒有生效。
六、重新安裝 openssh-server
大多數情況下,完成上一步就可以完成登錄了,是不需要該步驟的。
- 卸載 openssh-server
apt-get purge openssh-server
- 刪除 sshd_config
rm /etc/ssh/sshd_config
- 更新源列表
apt-get update
- 安裝 openssh-server
apt-get install openssh-server
- 打開 sshd_config
vim /etc/ssh/sshd_config
- 配置 PermitRootLogin
- 啓動 ssh 服務
/etc/init.d/ssh start
七、 ssh 登錄
連接 root 用戶
➜ ~ ssh [email protected]
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:5devwrE/cIsO8P0l9nc7zQ+xxKRO5BIUDZ1tjd8BB+0.
Please contact your system administrator.
Add correct host key in /Users/ff/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /Users/ff/.ssh/known_hosts:5
ECDSA host key for 192.168.139.129 has changed and you have requested strict checking.
Host key verification failed.
出現錯誤的原因是,重裝了 openssh-server ,服務器的公鑰發生了變化導致的錯誤。
SSH 服務是通過公鑰和私鑰來進行連接的,它會把每個曾經訪問過計算機或服務器的公鑰,記錄在 known_hosts 中,當下次訪問曾經訪問過的計算機或服務器時,SSH 就會覈對公鑰,如果和上次記錄的不同,OpenSSH 會發出警告。
八、修改客戶端 known_hosts 文件
根據提示進行修改
Add correct host key in /Users/ff/.ssh/known_hosts to get rid of this message.
- 進入 known_hosts
➜ ~ vim /Users/ff/.ssh/known_hosts
- 找到以 192.168.139.129 起始的行,將正行刪除
192.168.139.129 ecdsa-sha2-nistp256 ...省略
九、ssh 登錄
- 連接 root 用戶
➜ ~ ssh [email protected]
The authenticity of host '192.168.139.129 (192.168.139.129)' can't be established.
ECDSA key fingerprint is SHA256:5devwrE/cIsO8P0l9nc7zQ+xxKRO5BIUDZ1tjd8BB+0.
Are you sure you want to continue connecting (yes/no)? yes
- 輸入 root 用戶密碼
Warning: Permanently added '192.168.139.129' (ECDSA) to the list of known hosts.
[email protected]'s password:
- root 用戶登錄成功
Welcome to Ubuntu 18.04.2 LTS (GNU/Linux 4.18.0-20-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
* Canonical Livepatch is available for installation.
- Reduce system reboots and improve kernel security. Activate at:
https://ubuntu.com/livepatch
0 個可升級軟件包。
0 個安全更新。
Your Hardware Enablement Stack (HWE) is supported until April 2023.
The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.
root@FF-VM:~#