Home > Developer > Red Hat

Red Hat 7 SSH

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

SSH (Secure Shell) is a secure way to provide remote login protocol, you want to use the SSH protocol to remotely manage the Linux system, you need to deploy the configuration sshd service program. SSHD is based on SSH

Protocol development of a remote Management Service program, not only easy to use, but also to provide two types of security authentication methods:
? Password-based authentication-use the account and password to verify the login;

? Key-based authentication-you need to generate a key pair locally and then upload the public key from the key pair to the server.

Compared to the public key in the server, which is more secure.

The configuration information for the SSHD service is saved in the/etc/ssh/sshd_config file. The file that holds the most important configuration information is called the primary profile, (the general configuration file is in the/etc/service name/service name. conf) and the configuration file has many

Note lines at the beginning of the pound sign, to make these configuration parameters effective, you need to modify the parameters and then remove the previous pound sign.

The parameters and functions contained in the SSHD service configuration file

Parameters Role
Port 22 The default sshd service
ListenAddress 0.0.0.0 Set the IP address that the SSHD server listens on
Protocol 2 Version number of the SSH protocol
Hostkey/etc/ssh/ssh_host_key The location of the DES private key is stored in the SSH protocol version 1 O'Clock
Hostkey/etc/ssh/ssh_host_rsa_key Where the RSA private key is stored, the SSH protocol version is 2 o'clock
Hostkey/etc/ssh/ssh_host_dsa_key When the SSH protocol version is 2 o'clock, the location of the DSA private key is stored
Permitrootlogin Yes Set whether to allow root administrator to log in directly
Strictmodes Yes Direct deny connection when remote user's private key is changed
Maxauthtries 6 Maximum number of password attempts
MaxSessions 10 Maximum number of terminals
Passwordauthentication Yes Whether to allow password authentication
Permitemptypasswords No Whether to allow blank password login (very insecure)

In the RHEL 7 system, the SSHD service program has been installed and enabled by default. Next, use the SSH command to connect remotely, in the form of "ssh [parameter] host IP address". To exit the login, execute the exit command. 

[root@localhost Desktop]# ssh 192.168.10.10
The authenticity of host ‘192.168.10.10 (192.168.10.10)‘ can’t be established.
ECDSA key fingerprint is 35:01:64:40:4c:22:41:f1:2e:2c:75:76:a3:14:47:40.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘192.168.10.10' (ECDSA) to the list of known hosts.
Root@192.168.10.10‘s password: Enter your password here
Last login: Tue Oct 2 16:26:24 2018
[root@localhost ~]# exit
Logout
Connection to 192.168.10.10 closed.
[root@localhost Desktop]#

Prevent root administrator from logging in

First use the Vim text editor to open the main configuration file of the SSHD service, then remove the pound sign (#) before the 48th line #permitrootlogin Yes parameter, and change the parameter value Yes to No, so it is no longer

Allows the root administrator to log on remotely. 


[root@localhost Desktop]# vim /etc/ssh/sshd_config
..................Omit some output information..................47 #LoginGraceTime 2m
  48 PermitRootLogin no
  49 #StrictModes yes
  50 #MaxAuthTries 6
  51 #MaxSessions 10
..................Omit some output information..................



A Generic Service program does not get the latest parameters immediately after the configuration file is modified. If you want the new configuration file to take effect, you will need to manually restart the appropriate service program. It is best to add this service to the boot

Startup item so that the next time the system is started, the service program will run automatically and continue to serve the user.

systemctl Restart sshd Systemctl Enable sshd 

When the root administrator attempts to access the SSHD service program, the system will prompt for inaccessible error messages.
[Email protected] desktop]#192.168.  10.10


[email protected]192.168. 10.10 '  try again.

Red Hat 7 SSH

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
red hat eap 7 red hat linux 7 red hat linux 7 3 red hat linux 7 2 iso download red hat linux 7 2 iso download red hat enterprise linux 7 2 red hat enterprise linux 7 iso image free download
Related Article
"Book review" Rhcsa/rhce Red Hat Linux Certification Learning...
Red Hat Enterprise Linux hardware certification-test Suite Us...
Why do I-"CPU soft lockup" messages in Red Hat Enterprise Lin...
Red Hat's virtual desktop: Spice__spice
Implement container safety automation with Red Hat OpenShift

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More