代码之美

标签: ssh

  • macos命令行安装xcode command line tools

    • 在这里下载 xcode command line tools
      https://developer.apple.com/download/all/?q=Command%20Line%20Tools%20for%20Xcode
    • 挂载dmg
      hdiutil attach Command_Line_Tools_for_Xcode_15.3.dmg
    • 安装pkg包
      `sudo installer -package /Volumes/Command\ Line\ Developer\ Tools/Command\ Line\ Tools.pkg -target /“
    • 卸载dmg
      hdiutil detach /Volumes/Command\ Line\ Developer\ Tools

    Views: 45

  • macos命令行配置网卡

    • 后面的3个IP地址分别是网卡IP地址,子网掩码,网关IP地址
      networksetup -setmanual "USB 10/100/1000 LAN" 192.168.1.100 255.255.255.0 192.168.1.1
    • 配置网卡DNS服务器
      networksetup -setdnsservers "USB 10/100/1000 LAN" 192.168.1.1
    • 清除网卡DNS服务器
      networksetup -setdnsservers "USB 10/100/1000 LAN" empty

    Views: 16

  • ubuntu22.04安装denyhosts

    git clone https://github.com/denyhosts/denyhosts.git
    cd denyhosts
    python setup.py install
    cp denyhosts.conf /etc
    cp daemon-control-dist /usr/share/denyhosts/daemon-control
    cp denyhosts.py /usr/sbin/denyhosts.py
    cd /etc/init.d
    ln -s /usr/share/denyhosts/daemon-control denyhosts
    编辑denyhosts
    从第2行开始添加以下内容

    ### BEGIN INIT INFO
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
### END INIT INFO

    systemctl enable denyhosts
    systemctl start denyhosts

    Views: 181

  • 配置华为设备使用SSH公钥登录

    • 使用openssh格式公钥
    aaa
local-user admin service-type terminal ssh ftp http
quit
ssh user admin authentication-type all
rsa peer-public-key tao encoding-type openssh
public-key-code begin
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDAA6mw8q1ok9ElbkNRvalOnECxRXaz8oO3sDlL+F8c5dTm09nuK4z1leQlsO
2qMX49foxoCg/sXcVg351dooKkrjZt4IzikGN/hm49lrH4uJGffm9CGmuhF5Xyj1QyvwnA9iERusSS4yf3NvmSR6w5fyCxzKd/09GG8SJ1mXVWw0U9Cd+jk7fEq/6eVsvQNdr23wEXppdkpV9URCvygDR4dk7FBnnmpLD9gOIshpgFPO6452YzaPqpGU/US/YjmbsDNROPHBVvAC/xaCDy6IJCqR8jkKQUya+uPLC29Xfhly+taHV8KHNJ41leN6L/09Lh7uFuN5jGHGHgCJyXPOnP haohetao@gmail.com
public-key-code end
peer-public-key end
dis rsa peer-public-key
ssh user admin assign rsa-key tao
    • 使用华为专有格式的公钥
      有些华为设备或固件版本不支持openssh格式公钥,只能使用华为格式
      执行ssh-keygen -e -m pem -f ~/.ssh/id_rsa.pub | sed '1d;$d' | tr -d '\n' | base64 -d | od -t x1 -An | tr -d ' \n' | tr 'a-f' 'A-F' | sed 's/\(.\{8\}\)/\1 /g' | fold -w 54把本地openssh格式的公钥转换为华为格式
    ssh user admin authentication-type all
rsa peer-public-key tao
public-key-code begin
3082010A 02820101 00C003A9 B0F2AD68 93D1256E 4351BDA9
4E9C40B1 4576B3F2 83B7B039 4BF85F1C E5D4E6D3 D9EE2B8C
F595E425 B0EDAA31 7E3D7E8C 680A0FEC 5DC560DF 9D5DA282
A4AE366D E08CE290 637F866E 3D96B1F8 B8919F7E 6F421A6B
A11795F2 8F5432BF 09C0F621 11BAC492 E327F736 F99247AC
397F20B1 CCA77FD3 D186F122 75997556 C3453D09 DFA393B7
C4ABFE9E 56CBD035 DAF6DF01 17A69764 A55F5444 2BF28034
78764EC5 0679E6A4 B0FD80E2 2C869805 3CEEB8E7 663368FA
A9194FD4 4BF62399 BB033513 8F1C156F 002FF168 20F2E882
42A91F23 90A414C9 AFAE3CB0 B6F577E1 972FAD68 757C2873
49E3595E 37A2FFD3 D2E1EEE1 6E3798C6 1C61E008 9C973CE9
CF020301 0001
public-key-code end
peer-public-key end
dis rsa peer-public-key
ssh user admin assign rsa-key tao

    注意:
    复制密钥的时候不要漏掉后面的尾巴,尤其是复制华为16进制密钥格式时,因为末尾没有换行容易忽略

    Views: 121