有關 安裝及Hard Core SSH Server 之事宜

apt-get install ssh


/etc/ssh/sshd_config

Port 22
Protocol 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
UsePrivilegeSeparation yes
KeyRegenerationInterval 3600
ServerKeyBits 768
SyslogFacility AUTH
LogLevel INFO
LoginGraceTime 600
PermitRootLogin no
StrictModes yes
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys
IgnoreRhosts yes
RhostsRSAAuthentication no
HostbasedAuthentication no
PermitEmptyPasswords no
PasswordAuthentication no
X11Forwarding no
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
KeepAlive yes
Subsystem sftp /usr/lib/sftp-server
UsePAM yes



  1. Chroot SSH
    如何將SSH User chrooted, 不過用以下的方法的話,每次更新都要用人手compile一次,有點兒麻煩。
    https://syiron.wordpress.com/2006/05/09/chroot-ssh/

  2. Getting started with SSH
    必看以下文章,因為可以不用密碼或用密碼+Key來進入ssh,這樣會相對地「保險」一點。
    http://kimmo.suominen.com/docs/ssh/



Comments

Post a Comment

Popular Posts