Set SSH in Ubuntu

The method is as follows: it is extremely easy to install OpenSSHServer In Ubuntu. Only one command is required: sudoapt-getinstallopenssh-server (check the returned results. If no error occurs, enter the IP address of your server using SSH client software such as putty, SecureCRT, and SSHSecureShellClient. Wait for a while if everything is normal. The method is as follows:

Installing OpenSSH Server in Ubuntu is very easy. Only one command is required:
　　Sudo apt-get install openssh-server

 

(View the returned results. If no error occurs, use the SSH Client software such as putty, SecureCRT, and SSH Secure Shell Client to enter the IP address of your server. If everything is normal, you can connect later. And you can log on with the existing user name and password .)

 

Then confirm whether sshserver has started: (or use"Netstat-tlp"Command)

　　Ps-e | grep ssh

If only ssh-agent is available, the ssh-server has not been started./etc/init. d/ssh start is required. If you see sshd, the ssh-server has been started.

 

The ssh-server configuration file is located in/etc/ssh/sshd_config. Here, you can define the SSH service port. The default port is 22. You can define other port numbers, such as 222. Then restart the SSH service:

　　Sudo/etc/init. d/ssh resart

In fact, if you have no special requirements, you can install OpenSSH Server here. However, further setting can shorten the OpenSSH logon time and improve security. All of this is implemented by modifying the openssh configuration file sshd_config.
First, you may find that it takes a long time to prompt you to enter the password after entering the user name. In fact, this is because sshd needs to reverse query the dns information of the client. We can disable this feature to greatly increase the logon speed. First, open the sshd_config file:
Sudo nano/etc/ssh/sshd_config
Find the GSSAPI options section and comment out the following two lines:
# GSSAPIAuthentication yes # GSSAPIDelegateCredentials no and restart the ssh service:
Sudo/etc/init. d/ssh restart
Try again. It should be very fast.
Use PuTTy to log on to the server through certificate authentication
In the SSH service, all content is encrypted and secure. However, if you can use the Certificate for authentication, the security will be further improved, and after some settings, you can also achieve the effect of automatic login for certificate authentication.
First, modify the sshd_config file to enable the certificate authentication option:
RSAAuthentication yes PubkeyAuthentication yes AuthorizedKeysFile % h/. ssh/authorized_keys after modification is completed, restart the ssh service.
Next, we need to create a private key and a public key for the SSH user. First, you need to log on to the account that requires key establishment. Here, you must exit the root user. If necessary, use the su command to switch to another user. Then run:
Ssh-keygen
Here, we can store the generated key in the default directory. The passphrase will be prompted During the creation process, which is equivalent to adding a password to the certificate, which is also a measure to improve security, so even if the certificate is accidentally copied away, It is not afraid. Of course, if this field is left blank, PuTTy will automatically log on to the system after passing the certificate authentication.
The ssh-keygen command generates two keys. First, we need to rename the public key to the server:
Cd ~ /. Ssh mv id_rsa.pub authorized_keys, copy the private key id_rsa from the server, and delete the id_rsa file on the server.
The settings on the server are complete. The following steps need to be done on the client computer. First, we need to convert the id_rsa file to the format supported by PuTTy. Here we need to use the PuTTyGEN tool:
Click the Load button on the PuTTyGen interface, select the id_rsa file, enter passphrase (if any), and then click Save PrivateKey. The private key accepted by PuTTy is ready.
Open PuTTy, enter the Server IP address in the Session, click the Browse button under Connection-> SSH-> Auth, and select the generated private key. Return to the Connection option and enter the User Name of the certificate in Auto-login username. Return to the Session tab and enter a name to Save the Session. Click Open at the bottom to log on to the server through certificate authentication. If passphrase exists, passphrase is required during the logon process. Otherwise, it is very convenient to log on directly to the server.