
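Linux Tutorial FG016 - Basic Remote Connection Configuration (SSH + Container Remote Access)

This article explains the basic configuration of remote connections on Linux, covering the SSH service and remote access to containers. The Fengge tutorial draws on the Networking chapter of the official Linux documentation to give readers a complete guide to remote connection configuration.

Reference: the System administration chapter of the official Red Hat Enterprise Linux 10 documentation.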

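Part01 - Basic Concepts and Theory

1.1 Remote connection overview

A remote connection means connecting over the network from one computer to another in order to manage and operate it remotely. The most commonly used remote connection protocol on Linux is SSH (Secure Shell), which provides a secure, encrypted communication channel.

1.2 The SSH protocol

SSH is a network protocol for secure remote login and other network services over an insecure network. It provides an encrypted communication channel that protects traffic against eavesdropping and tampering.

1.3 Container remote access

Container remote access means connecting over the network to a running container in order to manage and operate it. Common methods include SSH, docker exec, and kubectl exec.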

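Part02 - Production Planning and Recommendations

2.1 SSH service configuration

Recommendations for configuring the SSH service:

  • Change the default port to improve security
  • Disable remote login for the root user
  • Configure key authentication and disable password authentication
  • Restrict which users and IP addresses may log in
  • Configure the login timeout and the number of retries

2.2 Container remote access configuration

Recommendations for configuring container remote access:

  • Configure an SSH service for the container
  • Use docker exec or kubectl exec to access containers
  • Configure the container's network and port mappings
  • Use a Service to expose the container's service

2.3 Security recommendations

Security recommendations for remote connections:

  • Use strong passwords or key authentication
  • Update the SSH service regularly
  • Configure firewall rules to restrict access
  • Monitor SSH login logs to detect abnormal logins
  • Use a VPN or a jump host for remote access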

Part03 - Production Implementation Plan

3.1 SSH service configuration

SSH service configuration:

# Step 1: Install the SSH service
$ sudo dnf install -y openssh-server
Updating Subscription Management repositories.
Last metadata expiration check: 0:00:00 ago on Wed Apr 2 10:00:00 2026.
Dependencies resolved.
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
openssh-server x86_64 8.7p1-34.el9_3.1 rhel-10-baseos 458 k
Installing dependencies:
openssh x86_64 8.7p1-34.el9_3.1 rhel-10-baseos 421 k
Transaction Summary
================================================================================
Install 2 Packages

Total download size: 879 k
Installed size: 2.1 M
Downloading Packages:
[1/2] openssh-8.7p1-34.el9_3.1.x86_64.rpm 421 kB/s | 421 kB 00:00
[2/2] openssh-server-8.7p1-34.el9_3.1.x86_64.rpm 458 kB/s | 458 kB 00:00
--------------------------------------------------------------------------------
Total 879 kB/s | 879 kB 00:00
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/2
Installing : openssh-8.7p1-34.el9_3.1.x86_64 1/2
Installing : openssh-server-8.7p1-34.el9_3.1.x86_64 2/2
Running scriptlet: openssh-server-8.7p1-34.el9_3.1.x86_64 2/2
Verifying : openssh-8.7p1-34.el9_3.1.x86_64 1/2
Verifying : openssh-server-8.7p1-34.el9_3.1.x86_64 2/2

Installed:
openssh-8.7p1-34.el9_3.1.x86_64
openssh-server-8.7p1-34.el9_3.1.x86_64

Complete!

# Step 2: Enable and start the SSH service
$ sudo systemctl enable --now sshd
Created symlink /etc/systemd/system/multi-user.target.wants/sshd.service → /usr/lib/systemd/system/sshd.service.

# Step 3: Check the SSH service status
$ sudo systemctl status sshd
● sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2026-04-02 10:00:00 CST; 10s ago
Docs: man:sshd(8)
man:sshd_config(5)
Main PID: 1234 (sshd)
Tasks: 1 (limit: 4915)
Memory: 2.1M
CGroup: /system.slice/sshd.service
└─1234 "sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups"

# Step 4: Configure the SSH service
$ sudo vi /etc/ssh/sshd_config
# Change the following settings
Port 2222
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
MaxAuthTries 3
ClientAliveInterval 300
ClientAliveCountMax 2

# Step 5: Restart the SSH service
$ sudo systemctl restart sshd

# Step 6: Check the SSH listening port (-p is needed to show the owning process)
$ sudo ss -tulnp | grep ssh
tcp LISTEN 0 128 0.0.0.0:2222 0.0.0.0:* users:(("sshd",pid=1234,fd=3))

3.2 SSH key configuration

SSH key configuration:

# Step 1: Generate an SSH key pair
$ ssh-keygen -t rsa -b 4096 -C "fgedu@fgedu.net.cn"
Generating public/private rsa key pair.
Enter file in which to save the key (/home/fgedu/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/fgedu/.ssh/id_rsa
Your public key has been saved in /home/fgedu/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:1234567890abcdef1234567890abcdef1234567890abcdef fgedu@fgedu.net.cn
The key's randomart image is:
+---[RSA 4096]----+
| .o. |
| o . |
| o . |
| . o |
| . o |
| . o |
| . o |
| . o |
| . o |
+----[SHA256]-----+

# Step 2: View the public key
$ cat ~/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQD… fgedu@fgedu.net.cn

# Step 3: Copy the public key to the target server (options go before the host)
$ ssh-copy-id -i ~/.ssh/id_rsa.pub -p 2222 fgedu@192.168.1.10
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/fgedu/.ssh/id_rsa.pub"
The authenticity of host '[192.168.1.10]:2222 ([192.168.1.10]:2222)' can't be established.
ED25519 key fingerprint is SHA256:1234567890abcdef1234567890abcdef1234567890abcdef.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
fgedu@192.168.1.10's password:

Number of key(s) added: 1

Now try logging into the machine, with: "ssh -p 2222 'fgedu@192.168.1.10'"
and check to make sure that only the key(s) you wanted were added.

# Step 4: Log in with the key
$ ssh -p 2222 fgedu@192.168.1.10
Welcome to Red Hat Enterprise Linux 10 (Plow)
Last login: Wed Apr 2 10:00:00 2026 from 192.168.1.100
[fgedu@fgedu ~]$

# Step 5: Configure the SSH client
$ vi ~/.ssh/config
Host fgedu
    HostName 192.168.1.10
    Port 2222
    User fgedu
    IdentityFile ~/.ssh/id_rsa

# Step 6: Log in using the client configuration
$ ssh fgedu
Welcome to Red Hat Enterprise Linux 10 (Plow)
Last login: Wed Apr 2 10:00:00 2026 from 192.168.1.100
[fgedu@fgedu ~]$

3.3 Container remote access configuration

Container remote access configuration:

# Step 1: Create a container with SSH
$ cat Dockerfile
FROM alpine:latest
RUN apk add --no-cache openssh
RUN echo 'root:password' | chpasswd
RUN sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
RUN sed -i 's/#PasswordAuthentication yes/PasswordAuthentication yes/' /etc/ssh/sshd_config
RUN ssh-keygen -A
EXPOSE 22
CMD ["/usr/sbin/sshd", "-D"]

# Step 2: Build the container image
$ docker build -t fgedu/ssh:latest .
Sending build context to Docker daemon 10.24kB
Step 1/7 : FROM alpine:latest
 ---> 1234567890ab
Step 2/7 : RUN apk add --no-cache openssh
 ---> Running in 1a2b3c4d5e6f
fetch https://dl-cdn.alpinelinux.org/alpine/v3.18/main/x86_64/APKINDEX.tar.gz
fetch https://dl-cdn.alpinelinux.org/alpine/v3.18/community/x86_64/APKINDEX.tar.gz
(1/5) Installing openssh (9.3_p2-r0)
(2/5) Installing openssh-client (9.3_p2-r0)
(3/5) Installing openssh-server (9.3_p2-r0)
(4/5) Installing openssh-server-common (9.3_p2-r0)
(5/5) Installing openssh-sftp-server (9.3_p2-r0)
Executing busybox-1.36.1-r8.trigger
Executing openssh-9.3_p2-r0.trigger
Removing intermediate container 1a2b3c4d5e6f
 ---> 1234567890cd
Step 3/7 : RUN echo 'root:password' | chpasswd
 ---> Running in 2a3b4c5d6e7f
Removing intermediate container 2a3b4c5d6e7f
 ---> 1234567890ef
Step 4/7 : RUN sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
 ---> Running in 3a4b5c6d7e8f
Removing intermediate container 3a4b5c6d7e8f
 ---> 1234567890f0
Step 5/7 : RUN sed -i 's/#PasswordAuthentication yes/PasswordAuthentication yes/' /etc/ssh/sshd_config
 ---> Running in 4a5b6c7d8e9f
Removing intermediate container 4a5b6c7d8e9f
 ---> 1234567890f1
Step 6/7 : RUN ssh-keygen -A
 ---> Running in 5a6b7c8d9e0f
Removing intermediate container 5a6b7c8d9e0f
 ---> 1234567890f2
Step 7/7 : CMD ["/usr/sbin/sshd", "-D"]
 ---> Running in 6a7b8c9d0e1f
Removing intermediate container 6a7b8c9d0e1f
 ---> 1234567890f3
Successfully built 1234567890f3
Successfully tagged fgedu/ssh:latest

# Step 3: Run the container
$ docker run -d --name ssh-container -p 2223:22 fgedu/ssh:latest
1234567890ab

# Step 4: Check the container status
$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1234567890ab fgedu/ssh:latest "/usr/sbin/sshd -D" 10 seconds ago Up 9 seconds 0.0.0.0:2223->22/tcp ssh-container

# Step 5: Connect to the container over SSH
$ ssh -p 2223 root@localhost
The authenticity of host '[localhost]:2223 ([::1]:2223)' can't be established.
ED25519 key fingerprint is SHA256:1234567890abcdef1234567890abcdef1234567890abcdef.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[localhost]:2223' (ED25519) to the list of known hosts.
root@localhost's password:
Welcome to Alpine!

The Alpine Wiki contains a large amount of how-to guides and general
information about administrating Alpine systems.
See .

You can setup the system with the command: setup-alpine

/ # hostname
fgedu-container
/ # exit
Connection to localhost closed.

# Step 6: Access the container with docker exec
$ docker exec -it ssh-container /bin/sh
/ # hostname
fgedu-container
/ # exit
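
The settings from step 4 of section 3.1 can be checked mechanically, and the same check shows that the image built in section 3.3 (root login with a password) does not meet them. This is an added example, not part of the original tutorial; the function names and the container sample are constructed for illustration, and Include files are not followed, so `sshd -T` output is the more reliable input.

```shell
#!/bin/sh
# sshd settings from step 4 of section 3.1 (copied from the page).
host_config() {
cat <<'EOF'
Port 2222
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
MaxAuthTries 3
EOF
}

# Constructed sample: the two lines the sed commands in the section 3.3
# Dockerfile write, plus a later override to show that it has no effect.
container_config() {
cat <<'EOF'
# sshd_config inside the fgedu/ssh image
PermitRootLogin yes
PasswordAuthentication yes
PasswordAuthentication no
EOF
}

# Read sshd_config text (or `sshd -T` output) on stdin and print one
# "FAIL <keyword> <value>" line per setting weaker than section 3.1.
# sshd keeps the FIRST value given for a keyword, keywords are
# case-insensitive, and unset keywords fall back to OpenSSH defaults.
audit_sshd() {
  awk '
    NF == 0 || $1 ~ /^#/ { next }
    tolower($1) == "match" { exit }   # only the global section is audited
    { k = tolower($1); if (!(k in v)) v[k] = tolower($2) }
    END {
      if (!("permitrootlogin" in v)) v["permitrootlogin"] = "prohibit-password"
      if (!("passwordauthentication" in v)) v["passwordauthentication"] = "yes"
      if (!("pubkeyauthentication" in v)) v["pubkeyauthentication"] = "yes"
      if (!("maxauthtries" in v)) v["maxauthtries"] = 6
      if (v["permitrootlogin"] != "no") print "FAIL PermitRootLogin", v["permitrootlogin"]
      if (v["passwordauthentication"] != "no") print "FAIL PasswordAuthentication", v["passwordauthentication"]
      if (v["pubkeyauthentication"] != "yes") print "FAIL PubkeyAuthentication", v["pubkeyauthentication"]
      if (v["maxauthtries"] + 0 > 3) print "FAIL MaxAuthTries", v["maxauthtries"]
    }'
}

echo "host:";      host_config | audit_sshd
echo "container:"; container_config | audit_sshd
```

On RHEL with SELinux enforcing, the Port 2222 change from step 4 also needs the port labelled with `semanage port -a -t ssh_port_t -p tcp 2222` and opened in the firewall before sshd is restarted. Running `sshd -t` first checks the edited file for syntax errors.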

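Part04 - Production Cases and Hands-on Walkthroughs

4.1 Enterprise SSH configuration case

An SSH configuration case from one enterprise:

  • Configuration: changed the SSH port, disabled root login, configured key authentication
  • Security measures: configured firewall rules, monitored login logs
  • Result: SSH attacks fell by 90% and system security improved markedly

4.2 Container remote access case

Container remote access case: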

# Step 1: Create the Kubernetes Pod definition
$ cat ssh-pod.yaml
apiVersion: v1
kind: Pod
metadata:
  name: ssh-pod
  labels:
    app: ssh
spec:
  containers:
  - name: ssh-container
    image: fgedu/ssh:latest
    ports:
    - containerPort: 22

# Step 2: Create the Pod
$ kubectl apply -f ssh-pod.yaml
pod/ssh-pod created

# Step 3: Check the Pod status
$ kubectl get pods
NAME READY STATUS RESTARTS AGE
ssh-pod 1/1 Running 0 10s

# Step 4: Forward a local port to the Pod
$ kubectl port-forward ssh-pod 2224:22
Forwarding from 127.0.0.1:2224 -> 22
Forwarding from [::1]:2224 -> 22

# Step 5: Connect to the Pod over SSH
$ ssh -p 2224 root@localhost
root@localhost's password:
Welcome to Alpine!
/ # hostname
ssh-pod
/ # exit

4.3 Batch SSH configuration case

Batch SSH configuration case:

#!/bin/bash
# ssh_config.sh

# Server list
SERVERS=(
    "192.168.1.10"
    "192.168.1.11"
    "192.168.1.12"
)

# SSH settings
SSH_PORT=2222
SSH_USER=fgedu
SSH_KEY=~/.ssh/id_rsa.pub

# Install the SSH public key on every server (options go before the host)
for SERVER in "${SERVERS[@]}"; do
    echo "Configuring SSH for $SERVER"
    ssh-copy-id -i "$SSH_KEY" -p "$SSH_PORT" "${SSH_USER}@${SERVER}"
done

# Test the SSH connection to every server
for SERVER in "${SERVERS[@]}"; do
    echo "Testing SSH connection to $SERVER"
    ssh -p "$SSH_PORT" "${SSH_USER}@${SERVER}" "hostname"
done

# Run the script
$ chmod +x ssh_config.sh
$ ./ssh_config.sh
Configuring SSH for 192.168.1.10
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
fgedu@192.168.1.10's password:

Number of key(s) added: 1

Configuring SSH for 192.168.1.11
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
fgedu@192.168.1.11's password:

Number of key(s) added: 1

Configuring SSH for 192.168.1.12
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
fgedu@192.168.1.12's password:

Number of key(s) added: 1

Testing SSH connection to 192.168.1.10
server1
Testing SSH connection to 192.168.1.11
server2
Testing SSH connection to 192.168.1.12
server3

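Part05 - Fengge's Lessons Learned

5.1 Remote connection recommendations

Fengge's tip: recommendations for remote connection configuration:

  • Security first: use key authentication and disable password authentication
  • Change the port: change the default SSH port to reduce attacks
  • Restrict access: restrict which users and IP addresses may log in
  • Monitor logs: monitor SSH login logs to detect anomalies
  • Update regularly: update the SSH service and the system regularly

5.2 Common problems and solutions

Common remote connection problems and their solutions:

  • Connection failure: check network connectivity, firewall rules, and the SSH service status
  • Authentication failure: check the user name, password, and key configuration
  • Connection timeout: check network latency and the SSH configuration
  • Container access failure: check the container status, port mappings, and network configuration

5.3 Best practices

Best practices for remote connections:

  • Use an SSH configuration file to simplify connections
  • Establish an SSH key management process
  • Configure firewall rules to restrict access
  • Set up SSH login monitoring and alerting
  • Audit SSH access logs regularly

Production recommendation: in production, establish a complete remote connection management system covering secure configuration, monitoring and alerting, and audit logging, to keep remote access secure.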
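
A starting point for the SSH login monitoring recommended above, as an added example that is not part of the original tutorial: it counts failed sessions per source address and lists accepted logins that break the key-only, no-root policy from section 3.1. The log lines are constructed samples in the OpenSSH log format, and the function names and the threshold are assumptions.

```shell
#!/bin/sh
# Constructed sshd log lines (format of /var/log/secure or `journalctl -u sshd`).
sample_log() {
cat <<'EOF'
Apr  2 10:01:02 fgedu sshd[2001]: Failed password for invalid user admin from 203.0.113.5 port 51234 ssh2
Apr  2 10:01:03 fgedu sshd[2001]: Connection closed by invalid user admin 203.0.113.5 port 51234 [preauth]
Apr  2 10:01:05 fgedu sshd[2002]: Connection closed by authenticating user root 203.0.113.5 port 51240 [preauth]
Apr  2 10:01:07 fgedu sshd[2003]: Failed password for invalid user port from 203.0.113.5 port 51246 ssh2
Apr  2 10:02:00 fgedu sshd[2010]: Connection closed by authenticating user fgedu 192.168.1.100 port 50010 [preauth]
Apr  2 10:02:05 fgedu sshd[2011]: Accepted publickey for fgedu from 192.168.1.100 port 50012 ssh2: RSA SHA256:CONSTRUCTED
Apr  2 10:03:00 fgedu sshd[2020]: Accepted password for fgedu from 198.51.100.7 port 40022 ssh2
EOF
}

# Print "ip sessions" for sources with at least $1 failed sessions.
# One session = one sshd[pid], so several log lines for the same
# connection count once. The user name is attacker-controlled, so the
# address is taken as the field before the LAST "port" token.
failed_sources() {
  awk -v min="$1" '
    / sshd\[[0-9]+\]: (Failed (password|publickey) for|(Connection closed by|Disconnected from) (authenticating|invalid) user) / {
      match($0, /sshd\[[0-9]+\]/); pid = substr($0, RSTART + 5, RLENGTH - 6)
      ip = ""
      for (i = NF; i > 1; i--) if ($i == "port") { ip = $(i - 1); break }
      if (ip != "" && !((ip, pid) in seen)) { seen[ip, pid] = 1; n[ip]++ }
    }
    END { for (ip in n) if (n[ip] >= min) print ip, n[ip] }' | sort
}

# Print "user ip method" for accepted logins that break the policy from
# section 3.1: any password login, or any login as root.
policy_violations() {
  awk '/ sshd\[[0-9]+\]: Accepted / {
      for (i = 1; i <= NF; i++) if ($i == "Accepted") break
      method = $(i + 1); user = $(i + 3); ip = $(i + 5)
      if (method == "password" || user == "root") print user, ip, method
    }'
}

sample_log | failed_sources 3
sample_log | policy_violations
```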

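After working through this article, readers should have a fuller understanding of basic remote connection configuration on Linux. Mastering these settings helps make remote administration both secure and efficient.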


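This article was compiled and published by Fengge Tutorials and is for learning and testing only. Please credit the source when reposting: http://www.fgedu.net.cn/10327.html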
