Deployment and optimization services security Openssh

Others 2020-03-08 21:53:13 views: null

table of Contents

A, Openssh function

  • OpenSSH: is free and open source software SSH (Secure SHell) protocol.
  • Software installation Name: Openssh-server
  • Configuration file: / etc / ssh / sshd_conf
  • The default port: 22
  • Client command: ssh

Two, ssh command

ssh 	remoteUSER@remoteIP
		-l 		指定登录用户
		-i 		指定密钥
		-x 		开启图形
		-p 		指定端口
		-f 		后台运行
		-o 		指定连接参数
		-t 		指定连接跳板

(1) ssh login
Here Insert Picture Description
(2) -l login user specified
Here Insert Picture Description

(3) -x opening pattern
Here Insert Picture Description
Here Insert Picture Description
(4) -p specified port
Here Insert Picture Description
(5) -f background
Here Insert Picture Description

(6) -o connection parameters specified
Here Insert Picture Description
Here Insert Picture Description

(7) -t specified connection springboard
Here Insert Picture Description

Three, key certification services Openssh

1, Openssh authentication method

(1) password authentication
• at least six characters
• contain numbers, letters, underscores the special symbols
• leakiness
• can be brute
• Passwords are easily lost
(2) Key Authentication
• New authentication methods, divided into public and private keys
• Upload the public key server
• private key pair authentication is not misappropriated
• attackers generally can not log in through key server

2、Openssh KEY

Openssh KEY: support rsa and dsa encryption
encryption methods:

生成密钥 	ssh-keygen
上传密钥 	ssh-copy-id 	–i 	keyfile 	remoteUSER@remoteIP

(1) generating a secret key-keygen SSH
Here Insert Picture Description
Here Insert Picture Description
(2) uploading the key ssh-copy-id -i keyfile remoteUSER @ remoteIP
Here Insert Picture Description
Here Insert Picture Description
Here Insert Picture Description

3, the document on Openssh

file Features
~/.ssh/authorized_keys To save the user's public key file
~/.ssh/known_hosts Unique hash code to identify the server
~/.ssh/id_dsa User's private key file
~/.ssh/id_rsa.pub User's public key file

Fourth, the security services to optimize Openssh

Common service sshd configuration parameters:
the configuration file:
• / etc / SSH / sshd_config
configuration parameters:

parameter meaning
Port 22 Listening port
Protocol 2 Specify a protocol version
ListenAddress Binding IP
HostKey Key Path set HostKey
PermitRootLogin Whether to set a super user can log
PubkeyAuthentication Public key authentication switch
PasswordAuthentication Password authentication switch
AllowUsers User white list
DenyUsers Users blacklist
Bleater Gululu
Published 15 original articles · won praise 3 · Views 681
Private letter concerns

Guess you like

Origin blog.csdn.net/weixin_42006882/article/details/104660417
Recommended
Ranking
error: (-215:Assertion failed) !_img.empty() in function ‘cv::imwrite‘
Database migration between Navicat servers
Minimum number of rotation of the array: Array
balenaEtcher for mac (make a boot disk software) v1.5.67
Custom processing serialization and deserialization in jackson
Mu-en-mask system development software
Mastering Regular Expressions
Find mileage Java--
Web pages can not directly concern the public micro-channel number how to do? A key to arouse public concern number of micro-channel solutions
[CodeForces - 739B] Alyona and a tree Tree + [difference] + bipartite
Daily
More
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)

Code World

© 2018 codetd.com