Ubuntu Configuration SSH Server

Source: Internet
Author: User
Tags ssh server

SSH is the abbreviation for secure Shell, which is developed by the IETF Network Working Group, and SSH is a security protocol based on the application layer and the transport layer. SSH is currently a more reliable protocol that provides security for Telnet sessions and other network services. The use of SSH protocol can effectively prevent the information leakage in the remote management process.

SSH is divided into client and server. The server is a daemon, typically an sshd process that runs in the background and responds to requests from the client. Provides processing of remote requests, typically including public key authentication, key exchange, symmetric key encryption, and unsecured connections.

  Environment: win7_64 bit +vmware11+ubuntu1204

  1, download and install

   sudo apt-get install openssh-server openssh-client

  2, configuration

sudo vi/etc/ssh/sshd_config

Generally only modify the Permitrootlogin value to No, the root login is not allowed, others remain the default.

    Detailed configuration file:

Port 22
"Port" sets the port number of the sshd listener.

ListenAddress 192.168.1.1
"ListenAddress" sets the IP address of the SSHD server binding.

Hostkey/etc/ssh/ssh_host_key
"Hostkey" Sets the file that contains the computer's private key. Keyregenerationinterval 3600
"Keyregenerationinterval" sets the number of seconds after which the server's key is automatically regenerated (if the key is used). The rekey is regenerated to prevent the intercepted information from being decrypted with the stolen key.
Serverkeybits 768
"Serverkeybits" defines the number of bits of the server key.

Syslogfacility AUTH
"Syslogfacility" sets whether "facility code" is given when recording messages from Sshd.

LogLevel INFO
The "LogLevel" setting records the level of the SSHD log message. Info is a good choice. See the man help page for sshd for more information. Logingracetime 120
"Logingracetime" Sets the time, in seconds, that the server waits before disconnecting the connection if the user cannot log on successfully.
Permitrootlogin No
"Permitrootlogin" setting root can be logged in with SSH. This option must not be set to "yes". Strictmodes Yes
"Strictmodes" Sets whether SSH checks the permissions and ownership of the user home directory and the rhosts file before receiving the logon request. This is usually necessary because novices often set their own directories and files to anyone with write access.
Clientaliveinterval 300 (default = 0)
This parameter means that every 5 minutes, the server sends a message to the client to keep the connection

Ignorerhosts Yes
The "ignorerhosts" setting verifies whether the "rhosts" and "shosts" files are used.

Ignoreuserknownhosts Yes
"Ignoreuserknownhosts" sets whether SSH daemon ignores the user's "$HOME/.ssh/known_hosts" when Rhostsrsaauthentication security authentication is performed

X11forwarding No
The "x11forwarding" setting allows X11 forwarding.

PRINTMOTD Yes
"PRINTMOTD" Sets whether sshd displays the information in "/ETC/MOTD" when the user logs in.

Rhostsauthentication No
The "rhostsauthentication" setting is sufficient for security verification only with rhosts or "/etc/hosts.equiv".

Rhostsrsaauthentication No
The "Rhostsrsa" setting allows for security verification with RSA or "/etc/hosts.equiv" with rhosts.

Rsaauthentication Yes
The "rsaauthentication" setting allows only RSA security authentication.

Passwordauthentication Yes
The "passwordauthentication" setting allows password validation.

Permitemptypasswords No
The "Permitemptypasswords" setting allows you to log in with an account with a blank password.

Allowusers Admin
"Allowusers" can be followed by any number of user name matching string (patterns) or [email protected] Such a matching string, these strings are separated by a space. The host name can be a DNS name or an IP address.

3, start the service

Sudo/etc/init.d/ssh restart

Or

   sudo service ssh restart

  4, Application

Linux:

Ssh-l <user> <IP>

SSH <user>@<IP>

SSH <IP>

Windows:     ssh telnet using putty

  

Note: SSH includes SCP, SFTP and other network services, can be file management.

Ubuntu Configuration SSH Server

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.