The client version has been installed in Ubuntu for a long time. Lessons learned: how to configure the SSH server

Environment

OS: Ubuntu 12.04

1. Install
Server:

Sudo apt-Get Install SSH OpenSSH-server ssh-import-ID
Client:
Www.163ns.com @ Linux :~ $ Sudo apt-Get install OpenSSH-Client

2. Configuration
2. 1. Modify the ssh port
The default ssh port is 22, which is too eye-catching. We recommend that you change it to another port, such as 3301.
Modify the/etc/ssh/sshd_config file
Replace

# Port 22
Change
Port 3301
Restart the SSH service after modification.

Www.163ns.com @ Linux :~ $ Sudo/etc/init. d/ssh restart

3. log on
There are two methods to log on to the SSH server: password and key file.
3. 1. log on with a password

Www.163ns.com @ Linux :~ $ SSH testuser@192.168.56.101-p3301
Testuser@192.168.56.101's password:
Welcome to Ubuntu 12.04 lts (GNU/Linux 3.2.0-23-generic-pae i686)

* Documentation: https://help.Ubuntu.com/

System information as of Thu May 17 00:31:21 CST 2012

System load: 0.0 processes: 73
Usage of/: 9.1% of 19.18 GB users logged in: 1
Memory usage: 14% IP address for eth0: 192.168.56.101
Swap usage: 0%

Graph this data and manage this system at https://landscape.canonical.com/

Last login: Thu May 17 00:22:04 2012 from 192.168.56.1
If you see such information, the logon is successful.
This method is relatively simple, but the security is slightly poor.
3. 2. Public Key-Private Key Login
First, run

Www.163ns.com @ Linux :~ $ Ssh-keygen-T RSA
Generating public/private RSA key pair.
Enter file in which to save the key (/home/Jim/. Ssh/id_rsa ):
Enter passphrase (empty for no passphrase): // enter your passphrase password. This password will be used later.
Enter same passphrase again:
Your identification has been saved in/home/Jim/. Ssh/id_rsa.
Your public key has been saved in/home/Jim/. Ssh/id_rsa.pub.
The key fingerprint is:
B9: 8f: 4b: e4: A8: 39: 9d: 57: DF: CB: 4E: 6C: 79: 76: DB: 7f www.163ns.com @ Linux
The key's randomart image is:
+ -- [RSA 2048] ---- +
|
|
|
|. |
| S |
| +... |
|... +... = + |
|. OO.. O. +. OE |
| O. O... + O = |
+ ----------------- +
Www.163ns.com @ Linux :~ $
Upload Public Key

Www.163ns.com @ Linux :~ $ Ssh-copy-ID "-P 3301-I ~ /. Ssh/id_rsa.pub testuser@192.168.56.101"
Warning: Identity file ~ /. Ssh/id_rsa.pub not accessible: no such file or directory.
Testuser@192.168.56.101's password:
Now try logging into the machine, with "ssh '-P 3301-I ~ /. Ssh/id_rsa.pub testuser@192.168.56.101 '", and check in:

~ /. Ssh/authorized_keys

To make sure we haven't added extra keys that you weren't expecting.

Www.163ns.com @ Linux :~ $

The program prompts you to connect and try again. Just do it.

Www.163ns.com @ Linux :~ $ Ssh-P 3301-I ~ /. Ssh/id_rsa.pub testuser@192.168.56.101
Welcome to Ubuntu 12.04 lts (GNU/Linux 3.2.0-23-generic-pae i686)

* Documentation: https://help.Ubuntu.com/

System information as of Thu May 17 00:48:35 CST 2012

System load: 0.01 processes: 73
Usage of/: 9.1% of 19.18 GB users logged in: 1
Memory usage: 15% IP address for eth0: 192.168.56.101
Swap usage: 0%

Graph this data and manage this system at https://landscape.canonical.com/

Last login: Thu May 17 00:45:27 2012 from 192.168.56.1
Testuser @ demo-server :~ $ Exit
There is a prompt in the middle, asking you to enter the previous passphrase password, you only need to enter it once, and then no longer need to enter it.
OK. Log On again and try again. This time, the public key is not imported.
Www.163ns.com @ Linux :~ $ SSH testuser@192.168.56.101-P 2201
Welcome to Ubuntu 12.04 lts (GNU/Linux 3.2.0-23-generic-pae i686)

* Documentation: https://help.Ubuntu.com/

System information as of Thu May 17 00:49:08 CST 2012

System load: 0.06 processes: 73
Usage of/: 9.1% of 19.18 GB users logged in: 1
Memory usage: 15% IP address for eth0: 192.168.56.101
Swap usage: 0%

Graph this data and manage this system at https://landscape.canonical.com/

Last login: Thu May 17 00:48:52 2012 from 192.168.56.1
Administrator @ demo-server :~ $ Exit
Logout
Connection to 192.168.56.101 closed.
Www.163ns.com @ Linux :~ $
Log on to the SSH server without entering the password.
Check that there are several files in the local. Ssh directory.

Www.163ns.com @ Linux :~ $ Ls. Ssh-l
Total usage 36
-RW ------- 1 Jim 1766 May 17 00:46 id_rsa // This is the private key
-RW-r -- 1 Jim 396 May 17 00:46 id_rsa.pub // This is the Public Key
-RW-r -- 1 Jim 222 May 17 00:45 known_hosts // This is the public key information of all the SSH servers you have accessed. If this file does not exist, you will be prompted next time you log on.