CentOS Installation configuration ssh

Installing SSH
Yum Install SSH

Start SSH
Service sshd Start

Set the boot up run
Chkconfig sshd on

Related configuration file modifications
[Root@sample ~]# vi/etc/ssh/sshd_config← Open SSH configuration file with VI

#Protocol 2,1← Find this line will be "#" Delete, and then the end of the line ", 1" delete, only allow SSH2 mode of connection
↓
Protocol 2← changed to this state, use only SSH2

#ServerKeyBits 768← Find this line, remove the "#" from the beginning and change 768 to 1024
↓
Serverkeybits 1024← changed to this state, change Serverkey strength to 1024-bit

#PermitRootLogin yes← Find this line, remove the "#" from the beginning and change Yes to No
↓
Permitrootlogin no← changed to this state, not allowed to log in with root

#PasswordAuthentication yes← Find this line, change Yes to No
↓
Passwordauthentication no← changed to this state, do not allow password mode of login

#PermitEmptyPasswords no← found this line to remove the "#" of the wardrobe and not allow a blank password to log in
↓
Permitemptypasswords no← changed to this state, disable blank password to log in

Because we only want to make the SSH service convenient for the management system, we only allow intranet clients to log on to the server via SSH to minimize the security factor without the external network remote Management system. The Setup method is as follows:
[Root@sample ~]# vi/etc/hosts.deny← Modify the masking rules, add the corresponding line at the end of the text

#
# Hosts.deny This file describes the names of the hosts which is
# *not* allowed to use the local INET services, as decided
# by the '/USR/SBIN/TCPD ' server.
#
# The Portmap line was redundant, but it was left to remind
# The new secure Portmap uses Hosts.deny and Hosts.allow. In particular
# should know that NFS uses portmap!

sshd:all← Add this line to block requests from all SSH connections

[Root@sample ~]# vi/etc/hosts.allow← Modify the Allow rule, add the corresponding line at the end of the text

#
# Hosts.allow This file describes the names of the hosts which is
# allowed to use the local INET services, as decided
# by the '/USR/SBIN/TCPD ' server.
#

sshd:192.168.0. ← Add this line to allow only SSH connection requests from the intranet

Note: Hosts.deny and Hosts.allow can not be modified in simple configuration,

In case of this two files read only, you can chmod right

Finally restart SSH boot
#/etc/rc.d/init.d/sshd Restart

CentOS Installation configuration ssh