前情介绍
在windows使用MobaXterm,非常奥利给!界面如下:
但是在mac下并没有集成环境需要安装x11客户端。
这里提供一种可以在Mac中自带Terminal中打开图形界面的方法。
准备工作
安装Xquartz
使用homebrew安装
1
brew install Xquartz
配置Mac端的ssh用户设置
使用root权限用vim打开/private/etc/ssh/ssh_config并编辑
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54$OpenBSD: ssh_config,v 1.34 2019/02/04 02:39:42 dtucker Exp $
This is the ssh client system-wide configuration file. See
ssh_config(5) for more information. This file provides defaults for
users, and the values can be changed in per-user configuration files
or on the command line.
Configuration data is parsed as follows:
1. command line options
2. user-specific file
3. system-wide file
Any configuration value is only changed the first time it is set.
Thus, host-specific definitions should be at the beginning of the
configuration file, and defaults at the end.
Site-wide defaults for some commonly used options. For a comprehensive
list of available options, their meanings and defaults, please see the
ssh_config(5) man page.
Host *
ForwardAgent no
ForwardX11 no
PasswordAuthentication yes
HostbasedAuthentication no
GSSAPIAuthentication no
GSSAPIDelegateCredentials no
BatchMode no
CheckHostIP yes
AddressFamily any
ConnectTimeout 0
StrictHostKeyChecking ask
IdentityFile ~/.ssh/id_rsa
IdentityFile ~/.ssh/id_dsa
IdentityFile ~/.ssh/id_ecdsa
IdentityFile ~/.ssh/id_ed25519
Port 22
Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc
MACs hmac-md5,hmac-sha1,umac-64@openssh.com
EscapeChar ~
Tunnel no
TunnelDevice any:any
PermitLocalCommand no
VisualHostKey no
ProxyCommand ssh -q -W %h:%p gateway.example.com
RekeyLimit 1G 1h
Host *
SendEnv LANG LC_*
XAuthLocation added by XQuartz (http://www.xquartz.org)
Host *
XAuthLocation /opt/X11/bin/xauth
ForwardX11 yes 添加这一句
配置linux端的ssh用户设置
在linux端使用root权限vim编辑/etc/ssh/sshd_config
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89$OpenBSD: sshd_config,v 1.101 2017/03/14 07:19:07 djm Exp $
This is the sshd server system-wide configuration file. See
sshd_config(5) for more information.
This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
The strategy used for options in the default sshd_config shipped with
OpenSSH is to specify options with their default value where
possible, but leave them commented. Uncommented options override the
default value.
Port 22
AddressFamily any
ListenAddress 0.0.0.0
ListenAddress ::
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
Ciphers and keying
RekeyLimit default none
Logging
SyslogFacility AUTH
LogLevel INFO
Authentication:
LoginGraceTime 2m
PermitRootLogin prohibit-password
StrictModes yes
MaxAuthTries 6
MaxSessions 10
PubkeyAuthentication yes
Expect .ssh/authorized_keys2 to be disregarded by default in future.
AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2
AuthorizedPrincipalsFile none
AuthorizedKeysCommand none
AuthorizedKeysCommandUser nobody
For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
HostbasedAuthentication no
Change to yes if you don't trust ~/.ssh/known_hosts for
HostbasedAuthentication
IgnoreUserKnownHosts no
Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
PermitEmptyPasswords no
Change to yes to enable challenge-response passwords (beware issues with
some PAM modules and threads)
ChallengeResponseAuthentication no
Kerberos options
KerberosAuthentication no
KerberosOrLocalPasswd yes
KerberosTicketCleanup yes
KerberosGetAFSToken no
GSSAPI options
GSSAPIAuthentication no
GSSAPICleanupCredentials yes
GSSAPIKeyExchange no
Set this to 'yes' to enable PAM authentication, account processing,
and session processing. If this is enabled, PAM authentication will
be allowed through the ChallengeResponseAuthentication and
PasswordAuthentication. Depending on your PAM configuration,
PAM authentication via ChallengeResponseAuthentication may bypass
the setting of "PermitRootLogin without-password".
If you just want the PAM account and session checks to run without
PAM authentication, then enable this but set PasswordAuthentication
and ChallengeResponseAuthentication to 'no'.
UsePAM yes
AllowAgentForwarding yes
AllowTcpForwarding yes
GatewayPorts no
X11Forwarding yes 添加这一句
X11DisplayOffset 10 添加这一句重启ssh服务
1
$ service ssh restart
连接linux并验证
启动Xquartz
使用ssh加-X(注意大写)远程服务器
1
ssh -X root@192.168.5.5
使用xclock验证
1
linux $ xclock
补充
如果遇到
1 | linux $xauth key data not generated |
在mac下编辑~/.ssh/config,添加 ForwardX11Trusted yes