尊龙凯时人生就是博

×èÖ¹³£¼ûµÄSSHÇå¾²Îó²îºÍ¹¥»÷£º±£»¤ÄúµÄLinuxЧÀÍÆ÷

×èÖ¹³£¼ûµÄSSHÇå¾²Îó²îºÍ¹¥»÷£º±£»¤ÄúµÄLinuxЧÀÍÆ÷

СÐò£º

ÔÚµ±½ñÊý×Ö»¯Ê±´ú£¬LinuxЧÀÍÆ÷ÒѳÉΪÐí¶à×éÖ¯ºÍСÎÒ˽È˲»¿É»òȱµÄÒ»²¿·Ö¡£È»¶ø£¬ÕýÈçËùÓл¥ÁªÍøÏà¹ØµÄÊÖÒÕÒ»Ñù£¬LinuxЧÀÍÆ÷Ò²ÃæÁÙ×ÅÇå¾²Íþв¡£ÆäÖУ¬SSH£¨Secure Shell£©ÊÇÔ¶³ÌÖÎÀíºÍ´«ÊäÎļþµÄ³£ÓÃЭÒ顣ΪÁËÈ·±£ÄúµÄLinuxЧÀÍÆ÷µÄÇå¾²ÐÔ£¬±¾ÎĽ«ÏÈÈÝһЩ×èÖ¹³£¼ûSSHÇå¾²Îó²îºÍ¹¥»÷µÄÒªÁ죬²¢ÌṩÏà¹Ø´úÂëʾÀý¡£

Ò»¡¢¸ü¸ÄSSHĬÈ϶˿Ú

ĬÈÏÇéÐÎÏ£¬SSHЧÀÍÆ÷¼àÌý22ºÅ¶Ë¿Ú¡£ÕâºÜÈÝÒ×±»ºÚ¿Í·¢Ã÷²¢ÊµÑ鱩Á¦ÆƽâÃÜÂ롣ΪÁËÔöÌíÇå¾²ÐÔ£¬Äú¿ÉÒÔ½«SSH¶Ë¿Ú¸ü¸ÄΪ·Ç±ê×¼¶Ë¿Ú£¬ÀýÈç2222¡£ÕâÑù¿ÉÒÔïÔÌ­¶ñÒâÈëÇÖµÄΣº¦¡£Òª¸ü¸ÄSSH¶Ë¿Ú£¬Çë±à¼­SSHЧÀÍÆ÷ÉèÖÃÎļþ/etc/ssh/sshd_config£¬ÕÒµ½²¢ÐÞ¸ÄÒÔÏÂÐУº

#Port 22
Port 2222

µÇ¼ºó¸´ÖÆ

È»ºóÖØÆôSSHЧÀÍ¡£

¶þ¡¢½ûÓÃSSHÃÜÂëµÇ¼£¬ÆôÓÃSSHÃÜÔ¿ÈÏÖ¤

SSHÃÜÂëµÇ¼ÈÝÒ×Êܵ½±©Á¦ÆƽâµÄ¹¥»÷¡£ÎªÁËÌá¸ßÇå¾²ÐÔ£¬ÎÒÃǽ¨Òé½ûÓÃSSHÃÜÂëµÇ¼£¬Ö»ÔÊÐíSSHÃÜÔ¿ÈÏÖ¤¡£SSHÃÜÔ¿ÈÏ֤ʹÓù«Ô¿ºÍ˽Կ¾ÙÐÐÉí·ÝÑéÖ¤£¬±È¹Å°åµÄÃÜÂë·½·¨Ô½·¢Çå¾²¿É¿¿¡£

ÌìÉúSSHÃÜÔ¿¶Ô

ÔÚÍâµØÅÌËã»úÉÏÌìÉúSSHÃÜÔ¿¶Ô¡£·­¿ªÖնˣ¬ÊäÈëÒÔÏÂÏÂÁ

ssh-keygen -t rsa

µÇ¼ºó¸´ÖÆ

ƾ֤ÌáÐѲÙ×÷£¬ÌìÉúµÄÃÜÔ¿»áÉúÑÄÔÚ~/.sshĿ¼Ï¡£

ÉÏ´«¹«Ô¿µ½Ð§ÀÍÆ÷

½«ÌìÉúµÄ¹«Ô¿ÉÏ´«µ½Ð§ÀÍÆ÷ÉÏ£¬¿ÉÒÔʹÓÃÒÔÏÂÏÂÁ

ssh-copy-id -i ~/.ssh/id_rsa.pub user@your_server_ip

µÇ¼ºó¸´ÖÆ

ÆäÖÐuserÊÇÄúµÄÓû§Ãû£¬your_server_ipÊÇЧÀÍÆ÷µÄIPµØµã¡£

ÐÞ¸ÄSSHÉèÖÃÎļþ

±à¼­SSHЧÀÍÆ÷ÉèÖÃÎļþ/etc/ssh/sshd_config£¬ÕÒµ½²¢ÐÞ¸ÄÒÔÏÂÐУº

PasswordAuthentication no
PubkeyAuthentication yes

µÇ¼ºó¸´ÖÆ

È»ºóÖØÆôSSHЧÀÍ¡£

Èý¡¢ÏÞÖÆSSHÓû§µÇ¼

ΪÁËÔöÌíЧÀÍÆ÷µÄÇå¾²ÐÔ£¬Äú¿ÉÒÔÏÞÖÆÖ»ÔÊÐíÌض¨µÄÓû§µÇ¼SSH¡£ÕâÑù¿ÉÒÔ±ÜÃâδÊÚȨµÄ»á¼û¡£

½¨ÉèרÓÃSSH×é

ÔÚLinuxЧÀÍÆ÷ÉÏʹÓÃÒÔÏÂÏÂÁÉèÒ»¸öרÓõÄSSHÓû§×飺

sudo groupadd sshusers

µÇ¼ºó¸´ÖÆ

Ìí¼ÓÔÊÐíSSH»á¼ûµÄÓû§

ʹÓÃÒÔÏÂÏÂÁÓû§Ìí¼Óµ½SSHÓû§×飺

sudo usermod -aG sshusers username

µÇ¼ºó¸´ÖÆ

ÆäÖÐusernameÊÇÄúÒªÌí¼ÓµÄÓû§Ãû¡£

ÐÞ¸ÄSSHÉèÖÃÎļþ

±à¼­SSHЧÀÍÆ÷ÉèÖÃÎļþ/etc/ssh/sshd_config£¬ÕÒµ½²¢ÐÞ¸ÄÒÔÏÂÐУº

AllowGroups sshusers

µÇ¼ºó¸´ÖÆ

È»ºóÖØÆôSSHЧÀÍ¡£

ËÄ¡¢ÏÞÖÆSSHµÇ¼ʵÑé´ÎÊý

±©Á¦ÆƽâÊǺڿͳ£ÓõĹ¥»÷·½·¨Ö®Ò»¡£ÎªÁ˱ÜÃⱩÁ¦ÆƽâSSHÃÜÂ룬ÎÒÃÇ¿ÉÒÔÏÞÖÆSSHµÇ¼ʵÑé´ÎÊý£¬²¢ÉèÖõǼʧ°Üեȡһ¶Îʱ¼ä¡£

×°ÖÃʧ°ÜµÇ¼ʵÑé¼ÆÊýÆ÷

ʹÓÃÒÔÏÂÏÂÁî×°ÖÃfail2ban£º

sudo apt-get install fail2ban

µÇ¼ºó¸´ÖÆ

ÉèÖÃfail2ban

±à¼­fail2banÉèÖÃÎļþ/etc/fail2ban/jail.local£¬Ìí¼ÓÒÔÏÂÄÚÈÝ£º

[sshd]
enabled = true
port = ssh
filter = sshd
logpath = /var/log/auth.log
maxretry = 5
bantime = 3600

µÇ¼ºó¸´ÖÆ

È»ºóÖØÆôfail2banЧÀÍ¡£

×ܽ᣺

ͨ¹ý¸ü¸ÄSSHĬÈ϶˿ڡ¢½ûÓÃSSHÃÜÂëµÇ¼¡¢ÆôÓÃSSHÃÜÔ¿ÈÏÖ¤¡¢ÏÞÖÆSSHÓû§µÇ¼ºÍÏÞÖÆSSHµÇ¼ʵÑé´ÎÊý£¬Äú¿ÉÒÔ´ó´óÔöÇ¿LinuxЧÀÍÆ÷µÄÇå¾²ÐÔ£¬²¢×èÖ¹³£¼ûµÄSSHÇå¾²Îó²îºÍ¹¥»÷¡£±£»¤ÄúµÄЧÀÍÆ÷²»±»Î´¾­ÊÚȨµÄ»á¼ûÊÇÄú×÷ΪϵͳÖÎÀíÔ±µÄÔðÈÎÖ®Ò»¡£

²Î¿¼´úÂëʾÀý½ö¹©²Î¿¼£¬ÏêϸʵÑé¿ÉÄÜÒòЧÀÍÆ÷ÇéÐκÍÐèÇó¶øÓÐËù²î±ð¡£ÔÚʵÑéʱ£¬ÇëÎñ±ØÉóÉ÷²Ù×÷£¬²¢È·±£±¸·ÝÊý¾ÝÒÔ×èÖ¹ÒâÍâÇéÐεı¬·¢¡£

ÒÔÉϾÍÊÇ×èÖ¹³£¼ûµÄSSHÇå¾²Îó²îºÍ¹¥»÷£º±£»¤ÄúµÄLinuxЧÀÍÆ÷µÄÏêϸÄÚÈÝ£¬¸ü¶àÇë¹Ø×¢±¾ÍøÄÚÆäËüÏà¹ØÎÄÕ£¡

ÃâÔð˵Ã÷£ºÒÔÉÏչʾÄÚÈÝȪԴÓÚÏàÖúýÌå¡¢ÆóÒµ»ú¹¹¡¢ÍøÓÑÌṩ»òÍøÂçÍøÂçÕûÀí£¬°æȨÕùÒéÓë±¾Õ¾Î޹أ¬ÎÄÕÂÉæ¼°¿´·¨Óë¿´·¨²»´ú±í尊龙凯时人生就是博ÂËÓÍ»úÍø¹Ù·½Ì¬¶È£¬Çë¶ÁÕß½ö×ö²Î¿¼¡£±¾ÎĽӴýתÔØ£¬×ªÔØÇë˵Ã÷À´ÓÉ¡£ÈôÄúÒÔΪ±¾ÎÄÇÖÕ¼ÁËÄúµÄ°æȨÐÅÏ¢£¬»òÄú·¢Ã÷¸ÃÄÚÈÝÓÐÈκÎÉæ¼°ÓÐÎ¥¹«µÂ¡¢Ã°·¸Ö´·¨µÈÎ¥·¨ÐÅÏ¢£¬ÇëÄúÁ¬Ã¦ÁªÏµ尊龙凯时人生就是博ʵʱÐÞÕý»òɾ³ý¡£

Ïà¹ØÐÂÎÅ

ÁªÏµ尊龙凯时人生就是博

13452372176

¿É΢ÐÅÔÚÏß×Éѯ

ÊÂÇéʱ¼ä£ºÖÜÒ»ÖÁÖÜÎ壬9:30-18:30£¬½ÚãåÈÕÐÝÏ¢

QR code
sitemap¡¢ÍøÕ¾µØͼ