Redhat Configuring the SSH server

Last Update:2015-08-04 Source: Internet

Author: User

Tags ssh server

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

SSH: is a secure channel protocol, which encrypts the data on both sides of the communication, the port number is TCP22, the main profile/etc/ssh/sshd_config,linux the SSH service is installed by default, all users can log on by default.

There are a few things we can look at when using the SSH server:

Disable root User Login
Disable Blank password login
Disable DNS reverse resolution

SSH login methods are divided into:

Password verification
Key pair Validation

When the user connects to the SSH server for the first time, an RSA key is generated, which is saved to the host directory when prompted to enter Yes . SSH

One: Configure the SSH server for password authentication

View SSHD's installation package

650) this.width=650; "style=" Float:none; "title=" 1.png "src=" http://s3.51cto.com/wyfs02/M02/70/E4/ Wkiom1xaczcyta9-aaavthpdehy507.jpg "alt=" Wkiom1xaczcyta9-aaavthpdehy507.jpg "/>

2. Modify the master configuration file

650) this.width=650; "style=" Float:none; "title=" 2.png "src=" http://s3.51cto.com/wyfs02/M00/70/E0/ Wkiol1xadsfg6qr8aaafxwk7dii663.jpg "alt=" Wkiol1xadsfg6qr8aaafxwk7dii663.jpg "/>

3. Port, and version of SSH

650) this.width=650; "style=" Float:none; "title=" 3.png "src=" http://s3.51cto.com/wyfs02/M00/70/E4/ Wkiom1xaczdjug6raaccstd-pb8162.jpg "alt=" Wkiom1xaczdjug6raaccstd-pb8162.jpg "/>

4.permitrootlogin is yes to allow root login, no root login for No

650) this.width=650; "style=" Float:none; "title=" 4.png "src=" http://s3.51cto.com/wyfs02/M01/70/E0/ Wkiol1xadserevl8aacbhxifzmu389.jpg "alt=" Wkiol1xadserevl8aacbhxifzmu389.jpg "/>

5.permitemptypasswords No is a forbidden blank password login, passwordauthentication to enable password authentication

650) this.width=650; "style=" Float:none; "title=" 5.png "src=" http://s3.51cto.com/wyfs02/M01/70/E4/ Wkiom1xaczcdyrqqaabh_l-89s0853.jpg "alt=" Wkiom1xaczcdyrqqaabh_l-89s0853.jpg "/>

6. Disable DNS reverse resolution to increase the speed of SSH; Allowusers to allow that user to connect

650) this.width=650; "style=" Float:none; "title=" 6.png "src=" http://s3.51cto.com/wyfs02/M00/70/E0/ Wkiol1xaddghwwdeaafd7rzir6s535.jpg "alt=" Wkiol1xaddghwwdeaafd7rzir6s535.jpg "/>

7. Restart the SSHD service

650) this.width=650; "style=" Float:none; "title=" 7.png "src=" http://s3.51cto.com/wyfs02/M00/70/E4/ Wkiom1xac9raaytyaabzxw54kso012.jpg "alt=" Wkiom1xac9raaytyaabzxw54kso012.jpg "/>

8. Remote connection to SSH on the client

650) this.width=650; "style=" Float:none; "title=" 8.png "src=" http://s3.51cto.com/wyfs02/M01/70/E0/ Wkiol1xaddhqbzs9aabp9mme2t4109.jpg "alt=" Wkiol1xaddhqbzs9aabp9mme2t4109.jpg "/>

Two: Configure key pair authentication ( the default is to use a key pair when both password authentication and key pair validation are enabled)

The ability to enable key pairs

650) this.width=650; "title=" 9.png "src=" Http://s3.51cto.com/wyfs02/M00/70/E4/wKiom1XAdLDz8lwFAACQg5P9CLo713.jpg " alt= "Wkiom1xadldz8lwfaacqg5p9clo713.jpg"/>

2. Restart the service

3. Create a key pair on the client

650) this.width=650; "style=" Float:none; "title=" 10.png "src=" http://s3.51cto.com/wyfs02/M01/70/E4/ Wkiom1xad8iyqlxgaad9so5i_w8616.jpg "alt=" Wkiom1xad8iyqlxgaad9so5i_w8616.jpg "/>

4. The first one is the input path, and then two for the key pair password

650) this.width=650; "style=" Float:none; "title=" 11.png "src=" http://s3.51cto.com/wyfs02/M00/70/E4/ Wkiom1xad8icbez5aahfh2ucxjm812.jpg "alt=" Wkiom1xad8icbez5aahfh2ucxjm812.jpg "/>

5. Upload the key pair to the user that the host needs to connect remotely, this password is the user password

650) this.width=650; "style=" Float:none; "title=" 12.png "src=" http://s3.51cto.com/wyfs02/M01/70/E1/ Wkiol1xaecdjlhqmaagx_e7jj8g589.jpg "alt=" Wkiol1xaecdjlhqmaagx_e7jj8g589.jpg "/>

6. SSH connection, the first time you need to enter the key pair password, one will not be asked to enter the

650) this.width=650; "style=" Float:none; "title=" 13.png "src=" http://s3.51cto.com/wyfs02/M01/70/E4/ Wkiom1xad8mbujkdaacg0fadtnk103.jpg "alt=" Wkiom1xad8mbujkdaacg0fadtnk103.jpg "/>

Redhat Configuring the SSH server

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More