L70.linux命令每日一练 -- 第十章 Linux网络管理命令 -- nc和ssh

10.13 nc：多功能网络工具

10.13.1 命令详解

​ 【命令星级】 ★★★★☆

​ 【功能说明】

​ 　nc是一个简单、可靠、强大的网络工具，它可以建立TCP连接，发送UDP数据包，监听任意的TCP和UDP端口，进行端口扫描，处理IPv4和IPv6数据包。

​ 如果系统没有nc命令，那么可以手动安装，安装命令为yum -y install nc。

[root@centos6 ~]# rpm -q nc
nc-1.84-24.el6.x86_64	#nc版本号
1
2

​ 【语法格式】

nc [option]
nc [选项]
1
2

​ **说明：**在nc命令及后面的选项里，每个元素直接都至少要有一个空格。

​ 【选项说明】

​ 表10-13针对该命令的参数选项进行了说明。

​ 表10-13 nc命令的参数选项及说明

10.13.2 使用范例

​ 【环境准备】

​ 由于后面的测试和网络相关，因此需要准备好环境：需要关闭防火墙和selinux。

[root@centos6 ~]# /etc/init.d/iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination         
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED 
2    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           
3    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
4    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22 
5    REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited 

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination         
1    REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited 

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination         

[root@centos6 ~]# /etc/init.d/iptables stop  
iptables: Setting chains to policy ACCEPT: filter          [  OK  ]
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Unloading modules:                               [  OK  ]
[root@centos6 ~]# /etc/init.d/iptables status
iptables: Firewall is not running.
[root@centos6 ~]# getenforce
Disabled

#关闭防火墙：/etc/init.d/iptables stop
#关闭selinux：setenforce 0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28

​ **范例10-42：**模拟TCP连接并传输文本内容（远程复制文件）。

[root@centos6 ~]# nc -l 12345 >neteagle.nc	#监听12345端口，将数据写入neteagle.nc。
#执行完上面的命令后，当前窗口挂起。
#新开一个窗口执行命令。
[root@centos6 ~]# netstat -lntup |grep 12345	#首先查看12345端口。
tcp        0      0 0.0.0.0:12345               0.0.0.0:*                   LISTEN      2911/nc 
[root@centos6 ~]# cat >neteagle.log<
> 6.8.0
> EOF
[root@centos6 ~]# nc 10.0.0.202 12345 
[root@centos6 ~]# netstat -lntup |grep 12345	#nc命令传输完数据后自动终止。
#回到第一个窗口，检查结果。
[root@centos6 ~]# cat neteagle.nc
6.8.0
1
2
3
4
5
6
7
8
9
10
11
12
13

​ **范例10-43：**用Shell模拟一个简单的Web服务器效果案例。

[root@centos6 ~]# cat >test.txt<
> welcome to my blog. http://www.neteagles.cn
> if you like my blog's contents,pls support me.
> bye! boys and girls.
> EOF
[root@centos6 ~]# vim web.sh
#!/bin/bash
while true	#使用while守护进程。
        do
                nc -l 80 /dev/null &	#执行脚本并加入后台。
[4] 31099
[root@centos6 ~]# netstat -lntup |grep 80
tcp        0      0 0.0.0.0:80                  0.0.0.0:*                   LISTEN      31105/nc            
[root@centos6 ~]# curl 127.0.0.1	#使用curl命令访问，获得以下内容。
welcome to my blog. http://www.neteagles.cn
if you like my blog's contents,pls support me.
bye! boys and girls.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20

​ **范例10-44：**手动与HTTP服务器建立连接的例子。

​ 为了诊断网络连接故障，通常需要手动建立到服务器的整个连接过程，使用nc命令可以轻松地实现手动与HTTP服务器的连接：

**范例10-45：**利用nc进行端口扫描。

[root@centos6 ~]# nc -z 10.0.0.202 20-30	#点10.0.0.202主机的20到30端口。
Connection to 10.0.0.202 22 port [tcp/ssh] succeeded!
[root@centos6 ~]# nc -z 10.0.0.202 22  	#主机后面可以接单个地址或地址范围。
Connection to 10.0.0.202 22 port [tcp/ssh] succeeded!
[root@centos6 ~]# nc -z -v 10.0.0.202 20-30	#使用-v选项详细显示扫描过程。
nc: connect to 10.0.0.202 port 20 (tcp) failed: Connection refused
nc: connect to 10.0.0.202 port 21 (tcp) failed: Connection refused
Connection to 10.0.0.202 22 port [tcp/ssh] succeeded!
nc: connect to 10.0.0.202 port 23 (tcp) failed: Connection refused
nc: connect to 10.0.0.202 port 24 (tcp) failed: Connection refused
nc: connect to 10.0.0.202 port 25 (tcp) failed: Connection refused
nc: connect to 10.0.0.202 port 26 (tcp) failed: Connection refused
nc: connect to 10.0.0.202 port 27 (tcp) failed: Connection refused
nc: connect to 10.0.0.202 port 28 (tcp) failed: Connection refused
nc: connect to 10.0.0.202 port 29 (tcp) failed: Connection refused
nc: connect to 10.0.0.202 port 30 (tcp) failed: Connection refused
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

​ 范例10-46： 使用 nc命令，模拟QQ聊天。

​ 打开两个命令抗窗口，模拟两个人聊天的场景。

​ 首先在第一个窗口执行如下命令，执行完成会hang住等待输入状态：

[root@centos6 ~]# nc -l 12345
1

​ 然后在第2个窗口执行如下命令，执行完也会hang住等待输入状态：

[root@centos6 ~]# nc 127.0.0.1 12345	#如果是不同系统，需要输入第一个窗口的IP。-
1

​ 此时两个窗口都等待输入内容。我们先新建第3个窗口，查看他们奖励的网络连接：

[root@centos6 ~]# netstat -ntp |grep nc	#12345端口是nc指定开放的，44192端口是系统为了和12345端口通信随机开放的，当然也可以使用-p选项指定开放端口。
tcp        0      0 127.0.0.1:12345             127.0.0.1:44192             ESTABLISHED 101091/nc           
tcp        0      0 127.0.0.1:44192             127.0.0.1:12345             ESTABLISHED 108998/nc 
1
2
3

​ 怎么聊天呢？很简单，你在第一个窗口中输入想要说的话，然后敲回车键，悄悄话就会自动发送到对方（第二个窗口），和QQ的效果一样：

[root@centos6 ~]# nc -l 12345
hi,I am neteagle.		#在第一个窗口输入想要说的话，然后敲回车键。
1
2

​ 对方（第二个窗口）也只需输入回复的话然后敲回车键，消息就能发送给你：

[root@centos6 ~]# nc 127.0.0.1 12345
hi,I am neteagle.	#第二个窗口已看到了说话的内容。
hello,I am younggirl,how do you do?	#在第二个窗口中说话，返回第一个窗口也可以看见。
1
2
3

[root@centos6 ~]# nc -l 12345
hi,I am neteagle.
hello,I am younggirl,how do you do?
1
2
3

​ 如果不想聊天了，按住Ctrl+d正常退出。

10.14 ssh：安全地远程登录主机

10.14.1 命令详解

​ 【命令星级】 ★★★★★

​ 【功能说明】

​ 　ssh命令是openssh套件中的客户端连接工具，可以使用ssh加密协议实现安全的远程登录服务器，实现对服务器的远程管理，Windows中的替代工具为Xshell、putty、SecureCRT等。

​ 【语法格式】

ssh [option] [user@]hostname [command]
ssh [选项] [用户@][主机名或IP地址] [远程执行的命令]
1
2

​ 说明：

​ 1）在ssh命令及后面的选项里，每个元素直接都至少要有一个空格。

​ 2）如果省略了用户，则默认是当前执行ssh命令的用户。

​ 3）远程执行的命令是可选项。

​ 【选项说明】

​ 表10-14针对该命令的参数选项进行了说明。

​ 表10-14 ssh命令的参数选项及说明

10.14.2 使用范例

10.14.2.1 基础范例

​ **范例10-47：**远程登录服务器。

[root@centos7 ~]# ssh 10.0.0.202	#这时远程登录服务器的简写命令，等同于ssh -p 22 root@10.0.0.202。
#下面四行内容只有在第一次连接远程服务器时会提示，再次连接就不会提示了。
The authenticity of host '10.0.0.202 (10.0.0.202)' can't be established.
RSA key fingerprint is SHA256:B0/rcxEB8cPheVkHbtpksluDK/bMZs8+VyQ7huuHkaQ.
RSA key fingerprint is MD5:8d:ed:58:b4:20:d6:fa:e3:03:69:80:9e:fe:b1:48:bb.
Are you sure you want to continue connecting (yes/no)? yes	#输入yes即可。
Warning: Permanently added '10.0.0.202' (RSA) to the list of known hosts.
root@10.0.0.202's password: 	#如果省略用户，则默认是当前执行ssh命令的用户。此处输入远端服务器的密码123456，密码不可见。
#下面就登陆到远程服务器了，然后我们快速查看一下IP地址。
Last login: Sat Oct 31 03:03:44 2020 from 10.0.0.1
[root@centos6 ~]# hostname -I	#查看IP地址。
10.0.0.202 10.0.0.5 
[root@centos6 ~]# logout	#输入Ctrl+d注销登录。
Connection to 10.0.0.202 closed.
1
2
3
4
5
6
7
8
9
10
11
12
13
14

​ 如果不想使用root用户登录远程服务器，那么我们可以明确指定登录用户，也可以同时指定端口：

[root@centos7 ~]# ssh -p 22 neteagle@10.0.0.202	#使用neteagle用户登录远程服务器，这个用户必须是远程服务器已有的用户，-p指定22端口。
neteagle@10.0.0.202's password: 	#输入密码123456。
Last login: Sat Oct 17 01:17:02 2020 from 10.0.0.1
[neteagle@centos6 ~]$ pwd	#查看当前所在的目录。
/home/neteagle
[neteagle@centos6 ~]$ logout
Connection to 10.0.0.202 closed.
1
2
3
4
5
6
7

​ **范例10-48：**远程执行命令的例子。

[root@centos7 ~]# ssh 10.0.0.202 "free -h"	#直接将要远程执行的命令放置到最后即可，用引号更规范，这里是查看所在服务器的内存信息。
root@10.0.0.202's password: 	#输入密码123456。
             total       used       free     shared    buffers     cached
Mem:          979M       309M       670M       240K        18M       177M
-/+ buffers/cache:       113M       866M
Swap:         2.0G         0B       2.0G
1
2
3
4
5
6

10.14.2.2 生产案例

​ **范例10-49：**SSH远程连接服务比较慢的问题的排查方案。

[root@centos7 ~]# ssh -v root@10.0.0.202	#使用-v选项进入调试模式。
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips  26 Jan 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 58: Applying options for *
debug1: Connecting to 10.0.0.202 [10.0.0.202] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.4
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000
debug1: Authenticating to 10.0.0.202:22 as 'root'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: diffie-hellman-group-exchange-sha256
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes128-ctr MAC: umac-64@openssh.com compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: umac-64@openssh.com compression: none
debug1: kex: diffie-hellman-group-exchange-sha256 need=16 dh_need=16
debug1: kex: diffie-hellman-group-exchange-sha256 need=16 dh_need=16
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<3072<8192) sent
debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: got SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: ssh-rsa SHA256:B0/rcxEB8cPheVkHbtpksluDK/bMZs8+VyQ7huuHkaQ
debug1: Host '10.0.0.202' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:1
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure.  Minor code may provide more information
No Kerberos credentials available (default cache: KEYRING:persistent:0)

debug1: Unspecified GSS failure.  Minor code may provide more information
No Kerberos credentials available (default cache: KEYRING:persistent:0)

debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/id_rsa
debug1: Trying private key: /root/.ssh/id_dsa
debug1: Trying private key: /root/.ssh/id_ecdsa
debug1: Trying private key: /root/.ssh/id_ed25519
debug1: Next authentication method: password
root@10.0.0.202's password: 	#这里是提示输入密码的交互提示。
debug1: Authentication succeeded (password).
Authenticated to 10.0.0.202 ([10.0.0.202]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: pledge: network
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
Last login: Sat Oct 31 03:35:13 2020 from 10.0.0.201
#在远程连接时如果慢就可以确定卡在哪了。
[root@centos6 ~]# logout
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
debug1: channel 0: free: client-session, nchannels 1
Connection to 10.0.0.202 closed.
Transferred: sent 2736, received 2752 bytes, in 164.5 seconds
Bytes per second: sent 16.6, received 16.7
debug1: Exit status 0

[root@centos7 ~]# ssh -v neteagle@10.0.0.202
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips  26 Jan 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 58: Applying options for *
debug1: Connecting to 10.0.0.202 [10.0.0.202] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.4
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000
debug1: Authenticating to 10.0.0.202:22 as 'neteagle'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: diffie-hellman-group-exchange-sha256
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes128-ctr MAC: umac-64@openssh.com compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: umac-64@openssh.com compression: none
debug1: kex: diffie-hellman-group-exchange-sha256 need=16 dh_need=16
debug1: kex: diffie-hellman-group-exchange-sha256 need=16 dh_need=16
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<3072<8192) sent
debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: got SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: ssh-rsa SHA256:B0/rcxEB8cPheVkHbtpksluDK/bMZs8+VyQ7huuHkaQ
debug1: Host '10.0.0.202' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:1
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure.  Minor code may provide more information
No Kerberos credentials available (default cache: KEYRING:persistent:0)

debug1: Unspecified GSS failure.  Minor code may provide more information
No Kerberos credentials available (default cache: KEYRING:persistent:0)

debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/id_rsa
debug1: Trying private key: /root/.ssh/id_dsa
debug1: Trying private key: /root/.ssh/id_ecdsa
debug1: Trying private key: /root/.ssh/id_ed25519
debug1: Next authentication method: password
neteagle@10.0.0.202's password: 
debug1: Authentication succeeded (password).
Authenticated to 10.0.0.202 ([10.0.0.202]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: pledge: network
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
Last login: Sat Oct 31 03:39:58 2020 from 10.0.0.201
[neteagle@centos6 ~]$ debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
logout
debug1: channel 0: free: client-session, nchannels 1
Connection to 10.0.0.202 closed.
Transferred: sent 2736, received 2752 bytes, in 18.5 seconds
Bytes per second: sent 148.1, received 149.0
debug1: Exit status 0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168