Focus On Oracle

Installing, Backup & Recovery, Performance Tuning,
Troubleshooting, Upgrading, Patching

Oracle Engineered System


当前位置: 首页 » 技术文章 » Oracle

Scp between Unix and Windows

Secure Shell(SSH) 是建立在应用层和传输层基础上的安全协议,由 IETF 的网络工作小组(Network Working Group)所制定。SSH 是目前较可靠,专为远程登录会话和其他网络服务提供安全性的协议。利用 SSH 协议可以有效防止远程管理过程中的信息泄露问题。SSH 客户端与服务器端的通信的安全验证除了用户名密码的口令验证方式以外,还可以使用密钥的验证方式。

假如有两台unix服务器,需要在A服务器上使用scp在服务器A、B直接传送数据,B服务器用户希望用户只能从A服务器访问(双方都不希望对方知道自己的密码),这时我们只要建立A到B的自动信任就好了,也就是设SSH公钥认证我们可以生成A服务器用户的公钥,然后传送给B服务器用户,B服务器用户把A服务器用户公钥放置好就可以了。这样也可以不需要每次都输入密码。


A服务器步骤

1.通ssh-keygen生成公钥私钥

[oracle@db1 ~]$ ssh-keygen

Generating public/private rsa key pair. 默认使用RSA加密算法(RSA,DSA
Enter file in which to save the key (/home/oracle/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/oracle/.ssh/id_rsa.
Your public key has been saved in /home/oracle/.ssh/id_rsa.pub.
The key fingerprint is:
70:9e:47:10:a1:22:bd:54:97:7b:4f:4d:00:b2:fe:bd oracle@db1
The key's randomart image is:
+--[ RSA 2048]----+
|      . *+....   |
|   . . o.+    .  |
|  . + o o..  o   |
|   o o =.o. . .  |
|    .   S..o     |
|         o ..    |
|          . .    |
|             .   |
|            E    |
+-----------------+
[oracle@db1 ~]$
[oracle@db1 ~]$ cd .ssh/
[oracle@db1 .ssh]$ ls

id_rsa  id_rsa.pub 

2.把~/.ssh目录下id_rsa.pub传送到B服务器

3.如果知道B服务器用户密码,可以使用ssh-copy-id传送公钥。如果不知道,忽略这一步,继续下面的步骤

[oracle@db1 ~]$ ssh-copy-id -i ~/.ssh/id_rsa.pub web@10.0.0.120
The authenticity of host '10.0.0.120 (10.0.0.120)' can't be established.
RSA key fingerprint is 1d:bd:2e:1c:68:20:65:68:c8:1a:1c:6e:0e:dc:85:2e.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.0.0.120' (RSA) to the list of known hosts.
web@10.0.0.120's password:
Now try logging into the machine, with "ssh 'web@10.0.0.120'", and check in:

  .ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

B服务器步骤

1.在用户家目录下建立.ssh目录

[web@db2 ~]$ mkdir .ssh
[web@db2 ~]$ cd .ssh/

2.把id_rsa.pub(从A服务器上的获取)放置在用户家目录下的.ssh目录

[web@db2 .ssh]$ ls
id_rsa.pub

3.重命名文件名

[web@db2 .ssh]$ mv id_rsa.pub authorized_keys


在A服务器上测试

[oracle@db1 ~]$ scp  web@db2:/tmp/a.sql .
The authenticity of host '10.0.0.120 (10.0.0.120)' can't be established.
RSA key fingerprint is 1d:bd:2e:1c:68:20:65:68:c8:1a:1c:6e:0e:dc:85:2e.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.0.0.120' (RSA) to the list of known hosts.
a.sql                                                                           100%  392     0.4KB/s   00:00
[oracle@db1 ~]$ ls

[oracle@db1 ~]$ cd .ssh/
[oracle@db1 .ssh]$ ls
id_rsa  id_rsa.pub  known_hosts

known_hosts访问过的主机都会在这个文件里显示
[oracle@db1 .ssh]$

[oracle@db1 ~]$ scp cdb1 web@db2:~
cdb1                                                                           100%  136     0.1KB/s   00:00
[oracle@db1 ~]$


我们也可以在windows上使用scp,需要我们在windows上安装一个ssh服务器就好,Bitvise SSH Server就非常不错

https://www.bitvise.com/ssh-server

操作步骤

Open easy setting–>Virtual accounts

新建一个账户,把Unix上的用户id_rsa.pub公钥导入即可实现unix服务器到windows服务器的自动传输







Reference

RFC4716: The Secure Shell (SSH) Public Key File Format

使用 Java 进行 OpenSSH 和 PuTTY private key 密钥格式的解析与转换

https://wiki.archlinux.org/index.php/SSH_keys

https://www.bitvise.com/ssh-server-guide-public-key

http://www.opensource.apple.com/source/OpenSSH/OpenSSH-7.1/openssh/ssh-keygen.c

https://sourceforge.net/projects/orion-ssh2/

http://www.cs.rpi.edu/research/groups/vision/doc/auto/ssh/ssh_public_key_authentication.html

http://www.ipsure.com/blog/2010/ssh-public-key-w-rsa-authentication-and-ssh-tunneling-part-1/

http://www.360doc.com/content/11/1028/13/3688062_159831530.shtml




关键词:ssh-keygen scp linux 

相关文章

Install oracle products on docker
How to enable autologin on OEL6/7
Linux的分支有多少,你知道么?
Linux下配置vsftpd
如何配置HITACHI存储多路径软件
Exadata OS用户的密码策略
whats sosreport
Config xming+putty for X11 forwarding
在Linux中如何重置root密码,当你忘记时
在Oracle Enterprise Linux上使用nmon
如何在Windows和Linux上启用Large page
Linux性能优化方面的"神图"
Top