2. In the name of god
Biography :
My name is : yashar esmaildokht
I am Gnu/Linux Sys/net/sec Admin & Oracle Dba
my tel : 09141100257
my resume :http://www.nofa.ir/Resume-royaflash.aspx
website :
●
http://unixmen.ir
●
http://oraclegeek.ir
●
http://webmom.ir
my nick name : royaflash
72. $ sudo apt-get install dsh
compile from source before install libdshconfig :
# wget http://www.netfort.gr.jp/~dancer/software/downloads/libdshconfig-0.20.10.cvs.1.tar.gz
● # tar xfz libdshconfig*.tar.gz
● # cd libdshconfig-*
● # ./configure ; make
● # make install
73. Then compile dsh and install.
# wget http://www.netfort.gr.jp/~dancer/software/downloads/dsh-
0.22.0.tar.gz
● # tar xfz dsh-0.22.0.tar.gz
● # cd dsh-*
● # ./configure ; make
● # make install
78. دستور این بر شرحی حال:
--all | -a
Add all machines found in /etc/dsh/machines.list to the list of machines that the specified command is executed.
“–M” option, which says to return the “machine name” (specified in “/etc/dsh/machines.list“) along with the output of the uptime command.
(Very useful for sorting when running a command on a number of machines.)
--show-machine-names | -M
Prepends machine names on the standard output. Useful to be used in conjunction with the --concurrent-shell option so that
the output is slightly more parsable.
-c
The “–c” option stands for “command to be executed” in this case, “uptime“.
81. ۱کلید ایجاد (rsa
$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/tecmint/.ssh/id_rsa): [Press enter key]
Created directory '/home/tecmint/.ssh'.
Enter passphrase (empty for no passphrase): [Press enter key]
Enter same passphrase again: [Press enter key]
Your identification has been saved in /home/tecmint/.ssh/id_rsa.
Your public key has been saved in /home/tecmint/.ssh/id_rsa.pub.
The key fingerprint is:
5f:ad:40:00:8a:d1:9b:99:b3:b0:f8:08:99:c3:ed:d3 tecmint@tecmint.com
The key's randomart image is:
+--[ RSA 2048]----+
| ..oooE.++|
| o. o.o |
| .. . |
| o . . o|
| S . . + |
| . . . o|
| . o o ..|
| + + |
| +. |
+-----------------+
82.
83. فولدر ایجاد.sshمقصد سرور در.
ssh sheena@192.168.0.11 mkdir -p .ssh
The authenticity of host '192.168.0.11 (192.168.0.11)' can't be established.
RSA key fingerprint is 45:0e:28:11:d6:81:62:16:04:3f:db:38:02:la:22:4e.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.0.11' (ECDSA) to the list of known hosts.
sheena@192.168.0.11's password: [Enter Your Password Here]
92. NAME
ssh-copy-id - install your public key in a remote machine's authorized_keys
SYNOPSIS
ssh-copy-id [-i [identity_file]] [user@]machine
DESCRIPTION
ssh-copy-id is a script that uses ssh to log into a remote machine and append the indicated identity file to that machine's
~/.ssh/authorized_keys file.
If the -i option is given then the identity file (defaults to ~/.ssh/id_rsa.pub) is used, regardless of whether there are any keys
in your ssh-agent. Otherwise, if this:
93. ssh-add -L
provides any output, it uses that in preference to the identity file.
If the -i option is used, or the ssh-add produced no output, then it uses the contents of the identity file. Once it has one or
more fingerprints (by whatever means) it uses ssh to append them to ~/.ssh/authorized_keys on the remote machine (creating the file,
and directory, if necessary.)
NOTES
This program does not modify the permissions of any pre-existing files or directories. Therefore, if the remote sshd has StrictModes
set in its configuration, then the user's home, ~/.ssh folder, and ~/.ssh/authorized_keys file may need to have group writability
disabled manually, e.g. via
chmod go-w ~ ~/.ssh ~/.ssh/authorized_keys
on the remote machine.
SEE ALSO
ssh(1), ssh-agent(1), sshd(8)
94. sftp
sftp root@yashar
Once you are connected:
sftp> lcd /tmp [change local directory to /tmp]
sftp> cd /etc [change remote directory to /etc]
sftp> get motd [download /etc/motd to /tmp/motd]
sftp> ? [view summary help]
sftp> bye [terminate connection]
ls /tmp/motd [prove you got the file]
98. Sample
Host *.example.org
User eouser
ForwardX11 yes
Host *.sub.example.com
User suser
Host *.example.com
User ecuser
Host*
ForwardX11 no
Set the user for each si
defaulting to the loca
user for unlisted sites.
Do not forward X
connections by defaul
except to hosts at
example.org.
99. Securing VNC
VNC lacks any sort of useful transport security.
If VNC servers are placed on a private network, SSH can provide that security.
ssh -L 5900:<vnchost>:5900 <gateway>
vncviewer localhost
107. root@192.168.1.142 : Remote server with sshd
● fuse : File system type.
● idmap=user : Only translate UID of connecting user.
● allow_other : Allow access to other users.
● reconnect : Reconnect to server.
● _netdev : The filesystem resides on a device that requires network access (used to prevent the
system from attempting to mount these filesystems until the network has been enabled on the
system).
● users : Allow every user to mount and unmount the filesystem.
● IdentityFile=/path/to/.ssh/keyfile - SSH key file.
●
●
111. # TCP port that shellinboxd's webserver listens on
SHELLINABOX_PORT=443
# specify the IP address of a destination SSH server
SHELLINABOX_ARGS="--o-beep -s /:SSH:192.168.1.7"
# if you want to restrict access to shellinaboxd from localhost only
SHELLINABOX_ARGS="--o-beep -s /:SSH:192.168.1.7 --localhost-only"