Detailed explanation of ssh server core configuration file sshd_config

Enterprise 2023-09-08 21:02:27 views: null

1. Introduction

The core configuration file of the ssh server is sshd_config

In Linux systems, it is usually in /etc/ssh/sshd_config

In Windows systems, it is generally stored in C:\ProgramData\ssh\sshd_config

Detailed explanation of parameters

port 22

Listening port, the default port is 22. For security reasons, it is recommended to change it to other ports. I usually change it to: 61133

AddressFamily any

Listening protocol, the default is any, that is, listening to both IPv4 and IPv6 protocols at the same time. If you only need to listen to IPv4, please change this configuration to inet If you only need to listen to IPv6, please change this configuration to inet6

ListenAddress 0.0.0.0

IPv4 listening address. By default, it listens to the IPv4 protocol addresses of all network cards. If the host has multiple network cards configured with multiple addresses and you need to only monitor the IPv4 address of a certain network card, you can configure this parameter to the network card address that needs to be monitored.

ListenAddress ::

IPv6 listening address. By default, it listens to the IPv6 protocol addresses of all network cards. When you need to monitor only the IPv4 address of a certain network card, you can configure this parameter to the network card address that needs to be monitored.

PermitRootLogin prohibit-password

Allow root remote login, prohibit password. Generally it needs to be modified to PermitRootLogin no

PasswordAuthentication yes

For password authentication, it is recommended to generate a key and use the key to log in. When password authentication is not required, it needs to be set to no.

PermitEmptyPasswords no

Allow empty password login, default is no. It is recommended to no

AuthorizedKeysFile	.ssh/authorized_keys

The address where the public key is stored. The default value is to check both .ssh/authorized_keys and .ssh/aAuthorized_key2, but this will be overwritten, so the installation will only check .ssh/authorized_keys

ShowPatchLevel no

Display patch version information, default is no

Reference links:

https://www.cnblogs.com/xiaogan/p/5902846.html

Guess you like

Origin blog.csdn.net/u011046671/article/details/128365052
Recommended
Rushing to the GitHub hot list——How can open source programming languages and frameworks be so cute?
Beijing Humanoid Robot Innovation Center launches Tiangong, the world's first full-size humanoid robot with purely electric drive for anthropomorphic running
Ranking
8个无需编写代码即可使用 Python 内置库的方法
Java collections interview knowledge Lite
Machine learning algorithms foundation - Introduction a (watermelon materials for the book)
(Easy) Ransom Note - LeetCode
[Five days] Qt from entry to actual combat: the second day
Remember once extremely pit father can not download Maven Jar package of issues: IDEA question
The minimum cost Shortest
OSPF study map (the most complete version)
Network Takeaways
GnuPG
Daily
More
2024-04-27(29)
2024-04-26(22)
2024-04-25(32)
2024-04-24(30)
2024-04-23(30)
2024-04-22(5)
2024-04-21(0)
2024-04-20(6)
2024-04-19(5)
2024-04-18(0)

Code World

© 2018 codetd.com