Putty使用private key进行ssh登录

Standard
[yemaosheng.com@svr ~]$ cd /home/yemaosheng.com/.ssh
[yemaosheng.com@svr .ssh]$ ssh-keygen -t dsa
[yemaosheng.com@svr .ssh]$ ls
id_dsa  id_dsa.pub  known_hosts
[yemaosheng.com@svr .ssh]$ cat id_dsa.pub > authorized_keys
[yemaosheng.com@svr .ssh]$ chmod 600 authorized_keys
[yemaosheng.com@svr .ssh]$ sz id_dsa* #下载id_dsa*,装有szrz工具

下载putty、pageant、puttygen,并将其放在同一目录.
下载地址:http://www.putty.org

运行puttygen

如上图,选”File”菜单中”的Load Private Key”导入之前下载的id_dsa文件,生成id_dsa文件时输入passphrase的话此时会有提示输入密码.导入后如下图,可点”Save private key”按钮导出一个*.ppk的putty专用的私钥文件.

运行pageant
会在右下角任务栏里有个帽子图标.右键点选”Add Key”添加ppk私钥文件,如私钥设有密码此时会提示输入.
最后,右键”New Session”新建服务器连接会话.

python pexpect多机远程管理范例

Standard
#!/usr/bin/python
 
import pexpect
import sys
import time
import os
 
def ssh_cmd(ip, user, pwd, cmds):
  try:
    foo = pexpect.spawn('ssh %s@%s' % (user,ip))
    index = foo.expect(['Password:', 'yes/no'])
 
    if index == 0:
      foo.sendline(pwd)
    elif index == 1:
      foo.sendline('yes')
 
    foo.expect('~ #')
 
    for cmd in cmds.split(","):
      foo.sendline(cmd)
 
  except pexpect.EOF:
    foo.close()
  else:
    foo.close
  return ip
 
file = open('serverlist.txt')
try:
  hosts = file.read()
finally:
  file.close()
 
  for host in hosts.split("\n"):
    if host:
      ip,user,pwd,cmds = host.split(":")
      print ssh_cmd(ip,user,pwd,cmds)
172.28.201.101:yemaosheng:com:echo '1' >> /root/1,echo '11' >> /root/2
172.28.201.102:yemaosheng:com:echo '2' >> /root/2
172.28.201.103:yemaosheng:com:echo '3' >> /root/3

gentoo下的ssh key认证rsync同步

Standard

A:191.168.0.10
B:191.168.0.11
采用推送方式,由A将文件推送到B

A:

emerge rsync
 
cd
ssh-keygen -t dsa -b 1024 -f /root/this-host-rsync-key
cp this-host-rsync-* ~/.ssh
scp this-host-rsync-key.pub root@191.168.0.11:/root/.ssh/

B:

emerge rsync
 
cd
cd ~/.ssh/
cat this-host-rsync-key.pub > authorized_keys
 
vi /etc/rsyncd.conf
  uid = root
  gid = root
  max connections = 10
  pid file = /var/run/rsyncd.pid
  use chroot = yes
  read only = yes
  [rsynctest]
  path = /root/rsync_B
  comment = test
  ignore errors
  read only = no
 
/etc/init.d/rsyncd start

A:

rsync -vzrtopg --delete /root/rsync_A/ 172.28.201.102::rsynctest

转载请注明出处: http://yemaosheng.com

putty+ssh socks5

Standard

总算找着个可以访问的下载地址了,”GFW”真强!!!
ftp://ftp.qut.edu.au/pub/ip-charge/unix/socks5-v1.0r11.tar.gz
只可惜装到一半就报错了,正巧查到个更容易的方法,那就是直接用putty+ssh来做socks5吧.

Windows下操作:
在 putty 中设置好要登录的服务器 ip,并在“连接-SSH-通道”中设置:源端口1080 动态 自动,然后增加(如下图)
保存后打开,使用账号和密码登录,这样就建立好 socks 5 代理.
在相关软件中设置好代理参数 127.0.0.1:1080 后便可以使用.

ssh公钥认证

Standard

A:192.168.0.1
B:192.168.0.2
实现B机无需密码ssh到A机

B操作
/usr/bin/ssh-keygen -t rsa
在/root/.ssh/下面生成两个文件
id_dsa(私钥)
id_dsa.pub(公钥)
scp /root/.ssh/id_dsa.pub root@192.168.0.1:/root/

A操作
cat /root/id_rsa.pub >> /root/.ssh/authorized_keys

php ssh make: *** [ssh2.lo] Error 1

Standard

ssh2.c patch:

LINE 480:
search and change following line:
#if LIBSSH2_APINO < 200412301450

#else
to:
#if (defined(LIBSSH2_APINO) && LIBSSH2_APINO < 200412301450)

#else

LINE 1216:
search and change following line:
#if (LIBSSH2_APINO > 200503221619)
to:
#if (defined(LIBSSH2_APINO) && (LIBSSH2_APINO > 200503221619)) ||
(defined(LIBSSH2_VERSION_NUM) && LIBSSH2_VERSION_NUM >= 0x001000)

Compile again.