SSH
Secure Shell (SSH) is a network protocol that provides encryption for operating network services securely over an unsecured network. SSH also provides command-line sign-in, remote command execution, and secure file transfer. It is commonly used in UNIX-based systems such as Linux®. SSH replaces the Telnet protocol, which does not provide encryption in an unsecured network.
Azure Active Directory (Azure AD) provides a Virtual Machine (VM) extension for Linux®-based systems running on Azure.
Use when
Working with Linux®-based VMs that require remote sign-in
Executing remote commands in Linux®-based systems
Securely transferring files in an unsecured network
SSH with Azure AD
Components of system
User: Starts the SSH client to set up a connection with the Linux® VMs and provides credentials for authentication.
Web browser: The component that the user interacts with. It communicates with the Identity Provider (Azure AD) to securely authenticate and authorize the user.
SSH Client: Drives the connection setup process.
Azure AD: Authenticates the identity of the user using device flow, and issues a token to the Linux VMs.
Linux VM: Accepts the token and provides a successful connection.
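The device flow that ties these components together can be modelled in memory. The following is an added example, not Microsoft's code: it assumes the generic OAuth 2.0 device authorization grant (RFC 8628), and the `IdentityProvider` class, its method names, and the HMAC-signed token format are hypothetical stand-ins rather than Azure AD's endpoints or token format.

```python
import hashlib, hmac, secrets, time

class IdentityProvider:
    """Hypothetical stand-in for the identity provider; all values are constructed."""
    def __init__(self):
        self._key = secrets.token_bytes(32)  # assumption: HMAC key replaces real token signing
        self._pending = {}                   # device_code -> pending sign-in state

    def start_device_flow(self, lifetime=900):
        """SSH client asks for a device_code (kept by the client) and a user_code (shown to the user)."""
        device_code, user_code = secrets.token_urlsafe(32), secrets.token_hex(4).upper()
        self._pending[device_code] = {"user_code": user_code, "user": None,
                                      "expires": time.time() + lifetime}
        return {"device_code": device_code, "user_code": user_code}

    def browser_sign_in(self, user_code, user):
        """User authenticates in the web browser and enters the user_code."""
        for entry in self._pending.values():
            same = hmac.compare_digest(entry["user_code"].encode(), user_code.encode())
            if same and time.time() < entry["expires"]:
                entry["user"] = user
                return True
        return False

    def poll_token(self, device_code):
        """Token endpoint polled by the SSH client until the user has signed in."""
        entry = self._pending.get(device_code)
        if entry is None:
            return {"error": "invalid_grant"}
        if time.time() >= entry["expires"]:
            del self._pending[device_code]
            return {"error": "expired_token"}
        if entry["user"] is None:
            return {"error": "authorization_pending"}
        del self._pending[device_code]       # a device_code is redeemable once
        claims = f"{entry['user']}|{int(time.time()) + 300}"
        sig = hmac.new(self._key, claims.encode(), hashlib.sha256).hexdigest()
        return {"access_token": f"{claims}|{sig}"}

    def verify(self, token):
        """Stand-in for the VM-side check: signature first, then expiry."""
        try:
            user, exp, sig = token.split("|")
        except ValueError:
            return None
        good = hmac.new(self._key, f"{user}|{exp}".encode(), hashlib.sha256).hexdigest()
        if hmac.compare_digest(sig.encode(), good.encode()) and time.time() < int(exp):
            return user
        return None
```

The properties to look for in any deployment of this flow are the ones the model enforces: the device code is single use and short lived, and the VM rejects a token whose signature or expiry does not check out.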