生成密钥对

[root@host ~]# ssh-keygen  <== 建立密钥对
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): <== 按 Enter
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): <== 输入密钥锁码,或直接按 Enter 留空
Enter same passphrase again: <== 再输入一遍密钥锁码
Your identification has been saved in /root/.ssh/id_rsa. <== 私钥
Your public key has been saved in /root/.ssh/id_rsa.pub. <== 公钥
The key fingerprint is:
0f:d3:e7:1a:1c:bd:5c:03:f1:19:f1:22:df:9b:cc:08 root@host

目标主机安装密钥

[root@host ~]# cat id_rsa.pub >> authorized_keys
[root@host ~]# chmod 600 authorized_keys
[root@host ~]# chmod 700 ~/.ssh

sshd常用安全设置

[root@host ~]# vi /etc/ssh/sshd_config

Port 2222                  # 修改端口号
RSAAuthentication yes      # 使用rsa认证
PubkeyAuthentication yes   # 使用公钥认证
PermitRootLogin no         # 禁止root用户登陆
PasswordAuthentication no  # 禁止密码登陆
ClientAliveInterval 60     # 设定超时断开时间

使用ufw开放指定端口

[root@host ~]# yum install ufw
[root@host ~]# ufw allow ssh
[root@host ~]# ufw allow http
[root@host ~]# ufw allow https
[root@host ~]# ufw enable

telnet调测socket报文

用于linux上socket调测。

[root@host ~]# (echo '1111;2222;3333';sleep 1)|telnet 127.0.0.1 9090