ssh记录

记录一下ssh相关配置，随时查询用

免密登录

ssh-keygen -C name@mail.com
ssh-copy-id -i ~/.ssh/id_rsa.pub root@ip

别名登录

ssh-keygen
ssh-copy-id -i ~/.ssh/id_rsa.pub root@ip
vim ~/.ssh/config
Host tf
    HostName 172.25.80.123
    Port 22
    User root
    IdentityFile ~/.ssh/id_rsa
ssh tf

ssh登录慢

1. 使用root权限修改ssh的配置文件

vim /etc/ssh/sshd_config

增加一行记录：UseDNS no

2. 关闭GSSAPI

发现：Next authentication method: gssapi-with-mic

vim /etc/ssh/sshd_config

vim /etc/ssh/ssh_config

修改GSSAPIAuthentication参数为no

远程备份

dd if=/dev/mmcblk1p4 | ssh root@ip dd of=~/backup.img

tar cvzf - package_dir/ | ssh root@ip "cd ~/backup ;cat >backup_file.tar.gz"

Root登录

/etc/ssh/sshd_config PermitRootLogin yes

allocation request failed on channel 0

mount devpts /dev/pts -t devpts

删除hosts

ssh-keygen -f "~/.ssh/known_hosts" -R ip

no matching key exchange method found. Their offer: diffie-hellman-group1-sha1

~/.ssh/config
Host *
        KexAlgorithms +diffie-hellman-group1-sha1

tcp转发

AllowTcpForwarding 默认yes，可以no关闭

tun转发

PermitTunnel
  是否允许 tun 设备转发。可用值如下：
"yes", "point-to-point", "ethernet", "no"(默认)
"yes"同时蕴含着"point-to-point"和"ethernet"