So got a Tunnelier + Proxy switchy with OpenVZ VPS to scientific Internet, plus autoproxy rules, change a way, also changed the mood.
The full name of SSH is Secureshell. By using SSH, all transmitted data can be encrypted so that the man-in-the-middle attack is not possible and can prevent DNS and IP spoofing. SSH to do SOCKS5 agent, local port forwarding can achieve scientific access to the Internet.
In order to restrict SSH for TCP encrypted transmissions only, it is necessary to create a new, least-privileged SSH account. The steps are as follows (note: This tutorial applies to CentOS, RedHat, Fedora):
1, Root login VPS, enter the following command to create a user with the lowest permissions (note: Change the username to the username you want):
Useradd-m-s/sbin/nologin-n username
2, modify the user's password:
passwd username
Enter password two times according to the prompts
。
Finish the work.
Enjoy the fun of the SSH agent!
Add:
1, about SSH agent software, there are tunnelier and myentunnel two choices, generally I will choose the former.
Download Address: Click here
2, with the above command to establish the user has been the minimum authority, with this account login putty or WINSCP, will make the program automatically shut down or error, such as WINSCP will appear: Cannot initialize SFTP. Is the host running a SFTP server? prompt.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
