{"id":141,"date":"2025-08-21T22:07:41","date_gmt":"2025-08-21T14:07:41","guid":{"rendered":"https:\/\/www.mooloco.com\/?p=141"},"modified":"2025-08-22T21:00:06","modified_gmt":"2025-08-22T13:00:06","slug":"openssh","status":"publish","type":"post","link":"https:\/\/www.mooloco.com\/?p=141","title":{"rendered":"OpenSSH"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\"><em><strong>OpenSSH<\/strong>\uff08Open Secure Shell\uff09\u662f\u4e00\u4e2a\u5f00\u6e90\u7684\u7f51\u7edc\u5de5\u5177\u5957\u4ef6\uff0c\u4e3b\u8981\u7528\u4e8e <strong>\u5b89\u5168\u8fdc\u7a0b\u767b\u5f55\u548c\u6570\u636e\u4f20\u8f93<\/strong>\u3002<br>\u5b83\u57fa\u4e8e <strong>SSH \u534f\u8bae<\/strong>\uff0c\u53d6\u4ee3\u4e86\u65e9\u671f\u4e0d\u5b89\u5168\u7684 telnet\u3001rlogin\u3001ftp \u7b49\u660e\u6587\u5de5\u5177\u3002<\/em><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><em>SSH\u5ba2\u6237\u7aef&lt;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&gt;SSH\u670d\u52a1\u7aef<br>\u6570\u636e\u4f20\u8f93\u662f\u52a0\u5bc6\u7684\uff0c\u53ef\u4ee5\u9632\u6b62\u4fe1\u606f\u6cc4\u6f0f<br>\u6570\u636e\u4f20\u8f93\u662f\u538b\u7f29\u7684\uff0c\u53ef\u4ee5\u63d0\u9ad8\u4f20\u8f93\u901f\u5ea6<\/em><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">OpenSSH \u662f\u5b9e\u73b0SSH\u534f\u8bae\u7684\u5f00\u6e90\u8f6f\u4ef6\u9879\u76ee\uff0c\u9002\u7528\u4e8e\u5404\u79cdUNIX\u3001 Linux \u64cd\u4f5c\u7cfb\u7edf\u3002<br>Centos 7\u7cfb\u7edf\u9ed8\u8ba4\u5df2\u5b89\u88c5openssh\u76f8\u5173\u8f6f\u4ef6\u5305\uff0c\u5e76\u5c06sshd \u670d\u52a1\u6dfb\u52a0\u4e3a\u5f00\u673a\u81ea\u542f\u52a8\u3002<br>\u6267\u884c&#8221;systemctl start sshd&#8221;\u547d\u4ee4\u5373\u53ef\u542f\u52a8sshd \u670d\u52a1<br>sshd \u670d\u52a1\u9ed8\u8ba4\u4f7f\u7528\u7684\u662fTCP\u768422\u7aef\u53e3\uff0c\u5b89\u5168\u534f\u8bae\u7248\u672csshv2\uff0c\u9664\u4e862\u4e4b\u5916\u8fd8\u67091\uff08\u6709\u6f0f\u6d1e\uff09<br><strong>ssh_config\uff1a\u4e3a\u5ba2\u6237\u7aef\u914d\u7f6e\u6587\u4ef6\uff0c\u8bbe\u7f6e\u4e0e\u5ba2\u6237\u7aef\u76f8\u5173\u7684\u5e94\u7528\u53ef\u901a\u8fc7\u6b64\u6587\u4ef6\u5b9e\u73b0<br>sshd_config\uff1a\u4e3a\u670d\u52a1\u5668\u7aef\u914d\u7f6e\u6587\u4ef6\uff0c\u8bbe\u7f6e\u4e0e\u670d\u52a1\u7aef\u76f8\u5173\u7684\u5e94\u7528\u53ef\u901a\u8fc7\u6b64\u6587\u4ef6\u5b9e\u73b0\u3002<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u901a\u4fd7\u610f\u4e49\u4e0a\u7684SSH\u529f\u80fd\u5728\u6b64\u4e0d\u91cd\u590d\u8d58\u8ff0\u3002<\/p>\n\n\n\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_75 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.mooloco.com\/?p=141\/#%E6%89%A9%E5%B1%95%E5%91%BD%E4%BB%A4\" >\u6269\u5c55\u547d\u4ee4<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.mooloco.com\/?p=141\/#%E4%BD%BF%E7%94%A8%E5%BF%BD%E7%95%A5%E9%80%89%E9%A1%B9\" >\u4f7f\u7528\u5ffd\u7565\u9009\u9879<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.mooloco.com\/?p=141\/#%E5%88%A0%E9%99%A4%E6%8F%90%E7%A4%BA\" >\u5220\u9664\u63d0\u793a<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.mooloco.com\/?p=141\/#openssh%E6%9C%8D%E5%8A%A1%E5%8C%85%E4%BC%81%E4%B8%9A%E6%89%A9%E5%B1%95\" >openssh\u670d\u52a1\u5305\u4f01\u4e1a\u6269\u5c55<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.mooloco.com\/?p=141\/#%E6%9C%8D%E5%8A%A1%E9%85%8D%E7%BD%AE%E4%B8%8E%E7%AE%A1%E7%90%86\" >\u670d\u52a1\u914d\u7f6e\u4e0e\u7ba1\u7406<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/www.mooloco.com\/?p=141\/#%E6%9C%8D%E5%8A%A1%E9%85%8D%E7%BD%AE\" >\u670d\u52a1\u914d\u7f6e<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/www.mooloco.com\/?p=141\/#%E5%AE%89%E5%85%A8%E8%B0%83%E4%BC%98\" >\u5b89\u5168\u8c03\u4f18<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/www.mooloco.com\/?p=141\/#%E6%B3%A8%E6%84%8F%EF%BC%9A\" >\u6ce8\u610f\uff1a<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/www.mooloco.com\/?p=141\/#%E7%9B%B8%E5%85%B3%E9%85%8D%E7%BD%AE\" >\u76f8\u5173\u914d\u7f6e<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/www.mooloco.com\/?p=141\/#%E6%89%A9%E5%B1%95%E8%AE%A4%E8%AF%81\" >\u6269\u5c55\u8ba4\u8bc1<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/www.mooloco.com\/?p=141\/#%E6%89%A9%E5%B1%95%E5%91%BD%E4%BB%A4%E5%8F%82%E6%95%B0\" >\u6269\u5c55\u547d\u4ee4\u53c2\u6570<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-12\" href=\"https:\/\/www.mooloco.com\/?p=141\/#%E4%B8%A4%E7%A7%8D%E9%AA%8C%E8%AF%81%E6%96%B9%E5%BC%8F\" >\u4e24\u79cd\u9a8c\u8bc1\u65b9\u5f0f<\/a><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-13\" href=\"https:\/\/www.mooloco.com\/?p=141\/#%E5%AF%86%E7%A0%81%E9%AA%8C%E8%AF%81\" >\u5bc6\u7801\u9a8c\u8bc1<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-14\" href=\"https:\/\/www.mooloco.com\/?p=141\/#%E5%AF%86%E9%92%A5%E5%AF%B9%E9%AA%8C%E8%AF%81\" >\u5bc6\u94a5\u5bf9\u9a8c\u8bc1<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-15\" href=\"https:\/\/www.mooloco.com\/?p=141\/#%E5%AF%B9%E6%AF%94\" >\u5bf9\u6bd4<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-16\" href=\"https:\/\/www.mooloco.com\/?p=141\/#%E6%9E%84%E5%BB%BA%E5%AF%86%E9%92%A5%E5%AF%B9%E9%AA%8C%E8%AF%81%E7%9A%84SSH\" >\u6784\u5efa\u5bc6\u94a5\u5bf9\u9a8c\u8bc1\u7684SSH<\/a><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-17\" href=\"https:\/\/www.mooloco.com\/?p=141\/#%E5%85%AC%E9%92%A5%E5%92%8C%E7%A7%81%E9%92%A5%E7%9A%84%E5%85%B3%E7%B3%BB\" >\u516c\u94a5\u548c\u79c1\u94a5\u7684\u5173\u7cfb<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-18\" href=\"https:\/\/www.mooloco.com\/?p=141\/#%E5%AE%9E%E9%AA%8C\" >\u5b9e\u9a8c<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-19\" href=\"https:\/\/www.mooloco.com\/?p=141\/#TCP_Wrappers%E8%AE%BF%E9%97%AE%E6%8E%A7%E5%88%B6\" >TCP Wrappers\u8bbf\u95ee\u63a7\u5236<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-20\" href=\"https:\/\/www.mooloco.com\/?p=141\/#%E8%AE%BF%E9%97%AE%E6%8E%A7%E5%88%B6%E7%9A%84%E5%9F%BA%E6%9C%AC%E5%8E%9F%E5%88%99\" >\u8bbf\u95ee\u63a7\u5236\u7684\u57fa\u672c\u539f\u5219<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-21\" href=\"https:\/\/www.mooloco.com\/?p=141\/#%E7%BB%93%E8%AF%AD\" >\u7ed3\u8bed<\/a><\/li><\/ul><\/nav><\/div>\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E6%89%A9%E5%B1%95%E5%91%BD%E4%BB%A4\"><\/span>\u6269\u5c55\u547d\u4ee4<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">ssh\u4f1a\u628a\u6bcf\u4e2a\u8bbf\u95ee\u8fc7\u8ba1\u7b97\u673a\u7684\u516c\u94a5(public key)\u90fd\u8bb0\u5f55\u5728~\/.ssh\/known_hosts\u3002\u5f53\u4e0b\u6b21\u8bbf\u95ee\u76f8\u540c\u8ba1\u7b97\u673a\u65f6\uff0cOpenSSH\u4f1a\u6838\u5bf9\u516c\u94a5\u3002\u5982\u679c\u516c\u94a5\u4e0d\u540c\uff0cOpenSSH\u4f1a\u53d1\u51fa\u8b66\u544a\uff0c \u907f\u514d\u53d7\u5230DNS Hijack\u4e4b\u7c7b\u7684\u653b\u51fb\u3002<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u539f\u56e0\uff1a\u4e00\u53f0\u4e3b\u673a\u4e0a\u6709\u591a\u4e2aLinux\u7cfb\u7edf\uff0c\u4f1a\u7ecf\u5e38\u5207\u6362\uff0c\u90a3\u4e48\u8fd9\u4e9b\u7cfb\u7edf\u4f7f\u7528\u540c\u4e00ip\uff0c\u767b\u5f55\u8fc7\u4e00\u6b21\u540e\u5c31\u4f1a\u628assh\u4fe1\u606f\u8bb0\u5f55\u5728\u672c\u5730\u7684~\/.ssh\/known_hsots\u6587\u4ef6\u4e2d\uff0c\u5207\u6362\u8be5\u7cfb\u7edf\u540e\u518d\u7528ssh\u8bbf\u95ee\u8fd9\u53f0\u4e3b\u673a\u5c31\u4f1a\u51fa\u73b0\u51b2\u7a81\u8b66\u544a\uff0c\u9700\u8981\u624b\u52a8\u5220\u9664\u4fee\u6539known_hsots\u91cc\u9762\u7684\u5185\u5bb9\u3002<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u6b63\u5e38\u60c5\u51b5\u4e0b\u5220\u9664\u8be5\u6587\u4ef6\u5373\u53ef\u91cd\u65b0\u5bf9\u8ba1\u7b97\u673a\u8fdb\u884c\u91cd\u65b0\u8bb0\u5f55\uff0c\u4ee5\u4e0b\u662f\u5176\u4ed6\u7684\u65b9\u6cd5\u3002<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E4%BD%BF%E7%94%A8%E5%BF%BD%E7%95%A5%E9%80%89%E9%A1%B9\"><\/span>\u4f7f\u7528\u5ffd\u7565\u9009\u9879<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">\u4f7f\u7528ssh\u8fde\u63a5\u8fdc\u7a0b\u4e3b\u673a\u65f6\u52a0\u4e0a\u201c-o StrictHostKeyChecking=no\u201d\u7684\u9009\u9879\uff0c\u5982\u4e0b\uff1a<\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: plain; title: ; notranslate\" title=\"\">\nssh -o StrictHostKeyChecking=no user@192.168.xxx.xxx\n<\/pre><\/div>\n\n\n<p class=\"wp-block-paragraph\">\u6b64\u65f6\u4e0d\u518d\u6838\u5bf9\u516c\u94a5\u5373\u53ef\u7ee7\u7eed\u8fdb\u884c\u767b\u5f55\u3002<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E5%88%A0%E9%99%A4%E6%8F%90%E7%A4%BA\"><\/span>\u5220\u9664\u63d0\u793a<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">\u4fee\u6539<code>\/etc\/ssh\/ssh_config<\/code>\uff08\u5ba2\u6237\u7aef\uff09\u6587\u4ef6\uff08\u6216<code>$HOME\/.ssh\/config<\/code>\uff09\u4e2d\u7684\u914d\u7f6e\uff0c\u6dfb\u52a0\u5982\u4e0b\u4e24\u884c\u914d\u7f6e\uff1a<\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: plain; title: ; notranslate\" title=\"\">\nStrictHostKeyChecking no  #\u6548\u679c\u4e0e\u4e0a\u9762\u7684\u76f8\u540c\nUserKnownHostsFile \/dev\/null\n<\/pre><\/div>\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"openssh%E6%9C%8D%E5%8A%A1%E5%8C%85%E4%BC%81%E4%B8%9A%E6%89%A9%E5%B1%95\"><\/span>openssh\u670d\u52a1\u5305\u4f01\u4e1a\u6269\u5c55<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><em>OpenSSH\u8f6f\u4ef6\u5305\uff0c\u63d0\u4f9b\u4e86\u670d\u52a1\u7aef\u540e\u53f0\u7a0b\u5e8f\u548c\u5ba2\u6237\u7aef\u5de5\u5177\uff0c\u7528\u6765\u52a0\u5bc6\u8fdc\u7a0b\u63a7\u4ef6\u548c\u6587\u4ef6\u4f20\u8f93\u8fc7\u7a0b\u4e2d\u7684\u6570\u636e\uff0c\u5e76\u7531\u6b64\u6765\u4ee3\u66ff\u539f\u6765\u7684\u7c7b\u4f3c\u670d\u52a1 Telnet \u6216 Ftp\u3002<\/em><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u5b89\u88c5\u5305\uff1a<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">OpenSSH\u670d\u52a1\u9700\u89814\u4e2a\u8f6f\u4ef6\u5305\u3002<br>openssh-5.3p1-114.el6_7.x86_64 #\u5305\u542bOpenSSH\u670d\u52a1\u5668\u53ca\u5ba2\u6237\u7aef\u9700\u8981\u7684\u6838\u5fc3\u6587\u4ef6\u3002<br>openssh-clients-5.3p1-114.el6_7.x86_64 #OpenSSH\u5ba2\u6237\u7aef\u8f6f\u4ef6\u5305\u3002<br>openssh-server-5.3p1-114.el6_7.x86_64 #OpenSSH\u670d\u52a1\u5668\u8f6f\u4ef6\u5305\u3002<br>openssh-askpass-5.3p1-114.el6_7.x86_64 #\u652f\u6301\u5bf9\u8bdd\u6846\u7a97\u53e3\u7684\u663e\u793a\uff0c\u662f\u4e00\u4e2a\u57fa\u4e8eX\u7cfb\u7edf\u7684<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E6%9C%8D%E5%8A%A1%E9%85%8D%E7%BD%AE%E4%B8%8E%E7%AE%A1%E7%90%86\"><\/span>\u670d\u52a1\u914d\u7f6e\u4e0e\u7ba1\u7406<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E6%9C%8D%E5%8A%A1%E9%85%8D%E7%BD%AE\"><\/span>\u670d\u52a1\u914d\u7f6e<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><code>Port 22<\/code> <br>\u25cf SSH \u9884\u8bbe\u4f7f\u7528 22 \u8fd9\u4e2aport\uff0c\u4e5f\u53ef\u4ee5\u4f7f\u7528\u591a\u4e2aport\uff0c\u5373\u91cd\u590d\u4f7f\u7528 port \u8fd9\u4e2a\u8bbe\u5b9a\u9879\uff01<br>\u25cf \u4f8b\u5982\u60f3\u8981\u5f00\u653eSSHD\u7aef\u53e3\u4e3a 22\u548c222\uff0c\u5219\u591a\u52a0\u4e00\u884c\u5185\u5bb9\u4e3a\uff1a Port 222 \u5373\u53ef\u3002<br>\u25cf \u7136\u540e\u91cd\u65b0\u542f\u52a8SSHD\u8fd9\u6837\u5c31\u597d\u4e86\u3002 \u5efa\u8bae\u5927\u5bb6\u4fee\u6539 port number \u4e3a\u5176\u5b83\u7aef\u53e3\uff0c\u9632\u6b62\u522b\u4eba\u66b4\u529b\u7834\u89e3\u3002<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><code>ListenAddress 0.0.0.0<\/code>   <br>\u8bbe\u7f6eSSHD\u670d\u52a1\u5668\u7ed1\u5b9a\u7684IP \u5730\u5740\uff0c0.0.0.0 \u8868\u793a\u4fa6\u542c\u6240\u6709\u5730\u5740<br>\u5b89\u5168\u5efa\u8bae\uff1a\u5982\u679c\u4e3b\u673a\u4e0d\u9700\u8981\u4ece\u516c\u7f51ssh\u8bbf\u95ee\uff0c\u53ef\u4ee5\u628a\u76d1\u542c\u5730\u5740\u6539\u4e3a\u5185\u7f51\u5730\u5740 \u8fd9\u4e2a\u503c\u53ef\u4ee5\u5199\u6210\u672c\u5730IP\u5730\u5740\uff0c\u4e5f\u53ef\u4ee5\u5199\u6210\u6240\u6709\u5730\u5740\uff0c\u53730.0.0.0 \u8868\u793a\u6240\u6709IP\u3002<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><code>Protocol 2<\/code><br>\u8bbe\u7f6e\u534f\u8bae\u7248\u672c\u4e3aSSH1\u6216SSH2\uff0cSSH1\u5b58\u5728\u6f0f\u6d1e\u4e0e\u7f3a\u9677\uff0c\u9009\u62e9SSH2<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><code>UseDNS yes<\/code><br>\u4e00\u822c\u6765\u8bf4\uff0c\u4e3a\u4e86\u8981\u5224\u65ad\u5ba2\u6237\u7aef\u6765\u6e90\u662f\u6b63\u5e38\u5408\u6cd5\u7684\uff0c\u56e0\u6b64\u4f1a\u4f7f\u7528 DNS \u53bb\u53cd\u67e5\u5ba2\u6237\u7aef\u7684\u4e3b\u673a\u540d\uff0c \u4f46\u901a\u5e38\u5728\u5185\u7f51\u4e92\u8fde\u65f6\uff0c\u8be5\u57fa\u8bbe\u7f6e\u4e3a no\uff0c\u56e0\u6b64\u4f7f\u8054\u673a\u901f\u5ea6\u4f1a\u5feb\u4e9b<br>\u6ce8\uff1a\u7981\u7528DNS\u53cd\u5411\u89e3\u6790\uff0c\u4ee5\u63d0\u9ad8\u670d\u52a1\u5668\u7684\u54cd\u5e94\u901f\u5ea6<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><code>SyslogFacility AUTHPRIV<\/code><br>\u5f53\u6709\u4eba\u4f7f\u7528 SSH \u767b\u5165\u7cfb\u7edf\u7684\u65f6\u5019\uff0cSSH \u4f1a\u8bb0\u5f55\u4fe1\u606f\uff0c\u8fd9\u4e2a\u4fe1\u606f\u8981\u8bb0\u5f55\u7684\u7c7b\u578b\u4e3aAUTHPRIV\uff0csshd \u670d\u52a1\u65e5\u5fd7\u5b58\u653e\u5728\uff1a\/var\/log\/secure<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E5%AE%89%E5%85%A8%E8%B0%83%E4%BC%98\"><\/span>\u5b89\u5168\u8c03\u4f18<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><code>LoginGraceTime 2m <\/code><br>\u25cf grace\u610f\u601d\u662f\u7cfb\u7edf\u7ed9\u4e0e\u591a\u5c11\u79d2\u6765\u8fdb\u884c\u767b\u5f55\u3002\uff08\u9ed8\u8ba42\u5206\u949f\uff0c0 \u8868\u793a\u65e0\u9650\u5236\uff09<br>\u25cf \u5f53\u4f7f\u7528\u8005\u8fde\u4e0a SSH server \u4e4b\u540e\uff0c\u4f1a\u51fa\u73b0\u8f93\u5165\u5bc6\u7801\u7684\u753b\u9762\uff0c\u5728\u8be5\u753b\u9762\u4e2d\u3002<br>\u25cf \u5728\u591a\u4e45\u65f6\u95f4\u5185\u6ca1\u6709\u6210\u529f\u8fde\u4e0aSSHserver \u5c31\u5f3a\u8feb\u65ad\u7ebf\uff01\u82e5\u65e0\u5355\u4f4d\u5219\u9ed8\u8ba4\u65f6\u95f4\u4e3a\u79d2\u3002\u53ef\u4ee5\u6839\u636e\u5b9e\u9645\u60c5\u51b5\u6765\u4fee\u6539<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><code>PermitRootLogin yes<\/code><br>\u662f\u5426\u5141\u8bb8 root \u767b\u5165\uff0c\u9ed8\u8ba4\u662f\u5141\u8bb8\u7684\uff0c\u4f46\u662f\u5efa\u8bae\u8bbe\u5b9a\u6210 no\uff0c\u771f\u5b9e\u7684\u751f\u4ea7\u73af\u5883\u670d\u52a1\u5668\uff0c\u662f\u4e0d\u5141\u8bb8root \u8d26\u53f7\u76f4\u63a5\u767b\u9646\u7684\uff0c\u4ec5\u5141\u8bb8\u666e\u901a\u7528\u6237\u767b\u5f55\uff0c\u9700\u8981\u7528\u5230 root \u7528\u6237\u518d\u5207\u6362\u5230root \u7528\u6237\u3002<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><code>PasswordAuthentication yes<\/code><br>\u5bc6\u7801\u9a8c\u8bc1\u5f53\u7136\u662f\u9700\u8981\u7684\uff01\u6240\u4ee5\u8fd9\u91cc\u5199 yes\uff0c\u4e5f\u53ef\u4ee5\u8bbe\u7f6e\u4e3a no\uff0c\u5728\u771f\u5b9e\u7684\u751f\u4ea7\u670d\u52a1\u5668\u4e0a\uff0c\u6839\u636e\u4e0d\u540c\u5b89\u5168\u7ea7\u522b\u8981\u6c42\uff0c\u6709\u7684\u662f\u8bbe\u7f6e\u4e0d\u9700\u8981\u5bc6\u7801\u767b\u9646\u7684\uff0c\u901a\u8fc7\u8ba4\u8bc1\u7684\u79d8\u94a5\u6765\u767b\u9646\u3002<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><code>PermitEmptyPasswords no<\/code><br>\u662f\u5426\u5141\u8bb8\u7a7a\u5bc6\u7801\u7684\u7528\u6237\u767b\u5f55\uff0c\u9ed8\u8ba4\u4e3ano\uff0c\u4e0d\u5141\u8bb8\u7a7a\u5bc6\u7801\u767b\u5f55<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><code>PrintLastLog yes<\/code><br>\u663e\u793a\u4e0a\u6b21\u767b\u5165\u7684\u4fe1\u606f\uff01\u9ed8\u8ba4\u4e3a yes<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><code>MaxAuthTries 6<\/code><br>\u6307\u5b9a\u6bcf\u4e2a\u8fde\u63a5\u6700\u5927\u5141\u8bb8\u7684\u8ba4\u8bc1\u6b21\u6570\u3002\u9ed8\u8ba4\u503c\u662f 6 \u3002<br>\u5982\u679c\u5931\u8d25\u8ba4\u8bc1\u7684\u6b21\u6570\u8d85\u8fc7\u8fd9\u4e2a\u6570\u503c\u7684\u4e00\u534a\uff0c\u8fde\u63a5\u5c06\u88ab\u5f3a\u5236\u65ad\u5f00\uff0c\u4e14\u4f1a\u751f\u6210\u989d\u5916\u7684\u5931\u8d25\u65e5\u5fd7\u6d88\u606f<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><code>AllowUsers<\/code><br>\u5f53\u5e0c\u671b\u53ea\u5141\u8bb8\u6216\u7981\u6b62\u67d0\u4e9b\u7528\u6237\u767b\u5f55\u65f6\uff0c\u53ef\u4ee5\u4f7f\u7528 AllowUsers \u6216 DenyUsers \u914d\u7f6e\uff0c\u4e24\u8005 \u7528\u6cd5\u7c7b\u4f3c\uff08\u6ce8\u610f\u4e0d\u8981\u540c\u65f6\u4f7f\u7528\uff09\u3002\u4e3e\u4f8b\uff1a<\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: plain; title: ; notranslate\" title=\"\">\nAllowUsers zhangsan #\u53ea\u5141\u8bb8zhangsan\u4ece\u4efb\u610f\u4f4d\u7f6e\u767b\u5f55\nAllowUsers zhangsan@192.168.1.13 bob@10.0.*   #\u53ea\u5141\u8bb8zhangsan\u4ece192.168.1.13\u767b\u5f55\uff0cbob \u53ef\u4ee5\u4ece 10.0.x.x \u6bb5\u767b\u5f55\n<\/pre><\/div>\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E6%B3%A8%E6%84%8F%EF%BC%9A\"><\/span>\u6ce8\u610f\uff1a<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>\u9ed8\u8ba4\u60c5\u51b5<\/strong>\uff1a\u4e0d\u5199 <code>AllowUsers<\/code> \u65f6\uff0c\u6240\u6709\u5b58\u5728\u4e8e\u7cfb\u7edf\u91cc\u7684\u7528\u6237\u90fd\u53ef\u4ee5\u767b\u5f55\uff08\u5f53\u7136\u8fd8\u5f97\u5bc6\u7801\/\u5bc6\u94a5\u6b63\u786e\uff09\u3002<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>\u5199\u4e86\u4ee5\u540e<\/strong>\uff1a\u53ea\u6709 <code>AllowUsers<\/code> \u5217\u51fa\u7684\u7528\u6237\u624d\u884c\u3002<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u5982\u679c\u540c\u65f6\u914d\u7f6e\u4e86 <code>DenyUsers<\/code> \u548c <code>AllowUsers<\/code>\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><code>DenyUsers<\/code> \u4f18\u5148\u7ea7\u66f4\u9ad8\u3002<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E7%9B%B8%E5%85%B3%E9%85%8D%E7%BD%AE\"><\/span>\u76f8\u5173\u914d\u7f6e<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><code>AllowUsers<\/code> \u2192 \u6309\u7528\u6237\u63a7\u5236<\/li>\n\n\n\n<li><code>DenyUsers<\/code> \u2192 \u62d2\u7edd\u67d0\u4e9b\u7528\u6237<\/li>\n\n\n\n<li><code>AllowGroups<\/code> \/ <code>DenyGroups<\/code> \u2192 \u6309\u7528\u6237\u7ec4\u63a7\u5236<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>\u5efa\u8bae\uff1a\u5728\u914d\u7f6e <code>AllowUsers<\/code> \u524d\uff0c\u786e\u4fdd\u81f3\u5c11\u628a\u4f60\u73b0\u5728\u7528\u7684\u7528\u6237\u52a0\u8fdb\u53bb\uff0c\u5426\u5219\u4f60\u4f1a\u88ab\u9501\u5728\u670d\u52a1\u5668\u5916\uff01<\/strong><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E6%89%A9%E5%B1%95%E8%AE%A4%E8%AF%81\"><\/span>\u6269\u5c55\u8ba4\u8bc1<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E6%89%A9%E5%B1%95%E5%91%BD%E4%BB%A4%E5%8F%82%E6%95%B0\"><\/span>\u6269\u5c55\u547d\u4ee4\u53c2\u6570<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><code>ConnectTimeout=3<\/code> \u8fde\u63a5\u8d85\u65f6\u65f6\u95f4\uff0c3\u79d2<br><code>ConnectionAttempts=5<\/code> \u8fde\u63a5\u5931\u8d25\u540e\u91cd\u8bd5\u6b21\u6570\uff0c5\u6b21<br><code>PasswordAuthentication=no<\/code> \u4e0d\u4f7f\u7528\u5bc6\u7801\u8ba4\u8bc1,\u6ca1\u6709\u4e92\u4fe1\u76f4\u63a5\u9000\u51fa<br><code>StrictHostKeyChecking=no<\/code> \u81ea\u52a8\u4fe1\u4efb\u4e3b\u673a\u5e76\u6dfb\u52a0\u5230known_hosts\u6587\u4ef6<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E4%B8%A4%E7%A7%8D%E9%AA%8C%E8%AF%81%E6%96%B9%E5%BC%8F\"><\/span>\u4e24\u79cd\u9a8c\u8bc1\u65b9\u5f0f<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<h4 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E5%AF%86%E7%A0%81%E9%AA%8C%E8%AF%81\"><\/span>\u5bc6\u7801\u9a8c\u8bc1<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">\u5bf9\u670d\u52a1\u5668\u4e2d\u672c\u5730\u7cfb\u7edf\u7528\u6237\u7684\u767b\u5f55\u540d\u79f0\u3001\u5bc6\u7801\u8fdb\u884c\u9a8c\u8bc1\u3002\u8fd9\u79cd\u65b9\u5f0f\u4f7f\u7528\u6700\u4e3a\u7b80\u4fbf\uff0c\u4f46\u4ece\u5ba2\u6237\u7aef\u89d2\u5ea6\u6765\u770b\uff0c\u6b63\u5728\u8fde\u63a5\u7684\u670d\u52a1\u5668\u6709\u53ef\u80fd\u88ab\u5047\u5192\uff1b\u4ece\u670d\u52a1\u5668\u89d2\u5ea6\u6765 \u770b\uff0c\u5f53\u906d\u9047\u5bc6\u7801\u7a77\u4e3e\uff08\u66b4\u529b\u7834\u89e3\uff09\u653b\u51fb\u65f6\u9632\u5fa1\u80fd\u529b\u6bd4\u8f83\u5f31\u3002<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">18\u4f4d \u5bc6\u7801\u590d\u6742\u6027\uff08\u5927\u5199\u3001\u5c0f\u5199\u3001\u5b57\u7b26\u3001\u6570\u5b57\uff09 \u7aef\u53e3\uff081023\u4ee5\u4e0a\u53eb\u505a\u9ad8\u4f4d\u7aef\u53e31922\uff09 <\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E5%AF%86%E9%92%A5%E5%AF%B9%E9%AA%8C%E8%AF%81\"><\/span>\u5bc6\u94a5\u5bf9\u9a8c\u8bc1<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">\u8981\u6c42\u63d0\u4f9b\u76f8\u5339\u914d\u7684\u5bc6\u94a5\u4fe1\u606f\u624d\u80fd\u901a\u8fc7\u9a8c\u8bc1\u3002\u901a\u5e38\u5148\u5728\u5ba2\u6237\u7aef\u4e2d\u521b\u5efa\u4e00\u5bf9\u5bc6\u94a5\u6587\u4ef6\uff08\u516c\u94a5\u3001\u79c1\u94a5\uff09\uff0c\u7136\u540e\u5c06\u516c\u94a5\u6587\u4ef6\u653e\u5230\u670d\u52a1\u5668\u4e2d\u7684\u6307\u5b9a\u4f4d\u7f6e\u3002\u8fdc\u7a0b\u767b\u5f55\u65f6\uff0c\u7cfb\u7edf\u5c06\u4f7f\u7528\u516c\u94a5\u3001\u79c1\u94a5\u8fdb\u884c\u52a0\u5bc6\/\u89e3\u5bc6\u5173\u8054\u9a8c\u8bc1\uff0c\u5927\u5927\u589e\u5f3a\u4e86\u8fdc\u7a0b\u7ba1\u7406\u7684\u5b89\u5168\u6027\u3002\u8be5\u65b9\u5f0f\u4e0d\u6613\u88ab\u5047\u5192\uff0c\u4e14\u53ef\u4ee5\u514d\u4ea4\u4e92\u767b\u5f55\uff0c\u5728 Shell \u4e2d\u88ab\u5e7f\u6cdb\u4f7f\u7528\u3002<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E5%AF%B9%E6%AF%94\"><\/span>\u5bf9\u6bd4<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">\u5f53\u5bc6\u7801\u9a8c\u8bc1\u3001\u5bc6\u94a5\u5bf9\u9a8c\u8bc1\u90fd\u542f\u7528\u65f6\uff0c<strong>\u670d\u52a1\u5668\u5c06\u4f18\u5148\u4f7f\u7528\u5bc6\u94a5\u5bf9\u9a8c\u8bc1<\/strong>\u3002\u5bf9\u4e8e\u5b89\u5168\u6027\u8981\u6c42\u8f83\u9ad8\u7684\u670d\u52a1\u5668\uff0c\u5efa\u8bae\u5c06\u5bc6\u7801\u9a8c\u8bc1\u65b9\u5f0f\u7981\u7528\uff0c\u53ea\u5141\u8bb8\u542f\u7528\u5bc6\u94a5\u5bf9\u9a8c\u8bc1\u65b9\u5f0f\uff1b\u82e5\u6ca1\u6709\u7279\u6b8a\u8981\u6c42\uff0c\u5219\u4e24\u79cd\u65b9\u5f0f\u90fd\u53ef\u542f\u7528<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E6%9E%84%E5%BB%BA%E5%AF%86%E9%92%A5%E5%AF%B9%E9%AA%8C%E8%AF%81%E7%9A%84SSH\"><\/span>\u6784\u5efa\u5bc6\u94a5\u5bf9\u9a8c\u8bc1\u7684SSH<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<h4 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E5%85%AC%E9%92%A5%E5%92%8C%E7%A7%81%E9%92%A5%E7%9A%84%E5%85%B3%E7%B3%BB\"><\/span>\u516c\u94a5\u548c\u79c1\u94a5\u7684\u5173\u7cfb<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<p class=\"wp-block-paragraph\">\u25cf\u5728\u975e\u5bf9\u79f0\u52a0\u5bc6\u6280\u672f\u4e2d\uff0c\u6709\u4e24\u79cd\u5bc6\u94a5\uff0c\u5206\u4e3a\u79c1\u94a5\u548c\u516c\u94a5\uff0c\u79c1\u94a5\u662f\u5bc6\u94a5\u5bf9\u6240\u6709\u8005\u6301\u6709\uff0c\u4e0d\u53ef\u516c\u5e03\uff0c\u516c\u94a5\u662f\u5bc6\u94a5\u5bf9\u6301\u6709\u8005\u516c\u5e03\u7ed9\u4ed6\u4eba\u7684\u3002<br>\u25cf\u516c\u94a5\u7528\u6765\u7ed9\u6570\u636e\u52a0\u5bc6\uff0c\u7528\u516c\u94a5\u52a0\u5bc6\u7684\u6570\u636e\u53ea\u80fd\u4f7f\u7528\u79c1\u94a5\u89e3<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u6784\u5efa\u5bc6\u94a5\u5bf9\u9a8c\u8bc1\u7684SSH\u539f\u7406\uff1a<br>\u9996\u5148ssh\u901a\u8fc7\u52a0\u5bc6\u7b97\u6cd5\u5728\u5ba2\u6237\u7aef\u4ea7\u751f\u5bc6\u94a5\u5bf9\uff08\u516c\u94a5\u548c\u79c1\u94a5\uff09\uff0c\u516c\u94a5\u53d1\u9001\u7ed9\u670d\u52a1\u5668\u7aef\uff0c\u81ea\u5df1\u4fdd\u7559\u79c1\u94a5\uff0c\u5982\u679c\u8981\u60f3\u8fde\u63a5\u5230\u5e26\u6709\u516c\u94a5\u7684SSH\u670d\u52a1\u5668\uff0c\u5ba2\u6237\u7aefSSH\u8f6f\u4ef6\u5c31\u4f1a\u5411SSH\u670d\u52a1\u5668\u53d1\u51fa\u8bf7\u6c42\uff0c\u8bf7\u6c42\u7528\u8054\u673a\u7684\u7528\u6237\u5bc6\u94a5\u8fdb\u884c\u5b89\u5168\u9a8c\u8bc1\u3002SSH\u670d\u52a1\u5668\u6536\u5230\u8bf7\u6c42\u4e4b\u540e\uff0c\u4f1a\u5148\u5728\u8be5SSH\u670d\u52a1\u5668\u4e0a\u8fde\u63a5\u7684\u7528\u6237\u7684\u5bb6\u76ee\u5f55\u4e0b\u5bfb\u627e\u4e8b\u5148\u653e\u4e0a\u53bb\u7684\u5bf9\u5e94\u7528\u6237\u7684\u516c\u7528\u5bc6\u94a5\uff0c\u7136\u540e\u628a\u5b83\u548c\u8fde\u63a5\u7684SSH\u5ba2\u6237\u7aef\u53d1\u9001\u8fc7\u6765\u7684\u516c\u7528\u5bc6\u94a5\u8fdb\u884c\u6bd4\u8f83\u3002\u5982\u679c\u4e24\u4e2a\u5bc6\u94a5\u4e00\u81f4\uff0cSSH\u670d\u52a1\u5668\u5c31\u7528\u516c\u94a5\u52a0\u5bc6&#8221;\u8d28\u8be2&#8221;\uff08challenge)\u5e76\u628a\u5b83\u53d1\u9001\u7ed9SSH\u5ba2\u6237\u7aef\u3002<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u5f53\u5bc6\u7801\u9a8c\u8bc1\u3001\u5bc6\u94a5\u5bf9\u9a8c\u8bc1\u90fd\u542f\u7528\u65f6\uff0c\u670d\u52a1\u5668\u5c06\u4f18\u5148\u4f7f\u7528\u5bc6\u94a5\u5bf9\u9a8c\u8bc1\u3002\u53ef\u6839\u636e\u5b9e\u9645\u60c5\u51b5\u8bbe\u7f6e\u9a8c\u8bc1\u65b9\u5f0f\u3002<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E5%AE%9E%E9%AA%8C\"><\/span>\u5b9e\u9a8c<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: plain; title: ; notranslate\" title=\"\">\nssh-keygen -t rsa #\u5728\u5ba2\u6237\u7aef\u4e0a\u6267\u884c\uff0c\u751f\u6210\u5bc6\u94a5\u5bf9\n<\/pre><\/div>\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"633\" height=\"424\" src=\"https:\/\/www.mooloco.com\/wp-content\/uploads\/2025\/08\/image-21.png\" alt=\"\" class=\"wp-image-144\" srcset=\"https:\/\/www.mooloco.com\/wp-content\/uploads\/2025\/08\/image-21.png 633w, https:\/\/www.mooloco.com\/wp-content\/uploads\/2025\/08\/image-21-300x201.png 300w\" sizes=\"(max-width: 633px) 100vw, 633px\" \/><\/figure>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: plain; title: ; notranslate\" title=\"\">\nssh-copy-id \/home\/mooloco\/.ssh\/id_rsa.pub root@192.168.1.1 #\u62f7\u8d1d\u516c\u94a5\u5230SSH\u670d\u52a1\u7aef\n#\u6216\u8005\u4e5f\u53ef\u4ee5\u4f7f\u7528\u5e73\u5e38\u7684\u6587\u4ef6\u4f20\u8f93\u65b9\u5f0f\u5c06id_rsa.pub\u5185\u5bb9\u8ffd\u52a0\u5230~\/.ssh\/authorized_keys\u91cc\u9762\n<\/pre><\/div>\n\n\n<p class=\"wp-block-paragraph\">\u5728\u5ba2\u6237\u673a\u8bbe\u7f6essh\u4ee3\u7406\u529f\u80fd\uff0c\u5b9e\u73b0\u514d\u4ea4\u4e92\u767b\u5f55\uff08\u5c06passphrase\u4e5f\u5b9e\u73b0\u514d\u4ea4\u4e92\uff09\uff1a<\/p>\n\n\n<div class=\"wp-block-syntaxhighlighter-code \"><pre class=\"brush: plain; title: ; notranslate\" title=\"\">\nssh-agent bash       #\u5f00\u542fssh\u4ee3\u7406\u529f\u80fd\nssh-add            #\u6dfb\u52a0\u5927\u79d8\u94a5\u5230ssh-agent\u7f13\u5b58 \nEnter passphrase for \/home\/admin\/.ssh\/id_ecdsa:    #\u8f93\u5165\u79c1\u94a5\u7684\u5bc6\u7801\n<\/pre><\/div>\n\n\n<p class=\"wp-block-paragraph\"><strong>\u6b64\u65f6\uff0c\u4f7f\u7528 ssh\u518d\u53bb\u8fde\u63a5\uff0c\u5373\u53ef\u5b9e\u73b0\u56de\u8f66\u5373\u8fdb\u5165console\uff0c\u4e0d\u518d\u8981\u6c42\u9a8c\u8bc1\u51ed\u636e\u3002<\/strong><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"TCP_Wrappers%E8%AE%BF%E9%97%AE%E6%8E%A7%E5%88%B6\"><\/span>TCP Wrappers\u8bbf\u95ee\u63a7\u5236<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><em>\u5c06TCP\u670d\u52a1\u7a0b\u5e8f\u201c\u5305\u88f9&#8221;\u8d77\u6765\uff0c\u4ee3\u4e3a\u76d1\u542cTCP\u670d\u52a1\u7a0b\u5e8f\u7684\u7aef\u53e3\uff0c\u589e\u52a0\u4e86\u4e00\u4e2a\u5b89\u5168\u68c0\u6d4b\u8fc7\u7a0b\uff0c\u5916\u6765\u7684\u8fde\u63a5\u8bf7\u6c42\u5fc5\u987b\u5148\u901a\u8fc7\u8fd9\u5c42\u5b89<br>\u5168\u68c0\u6d4b\uff0c\u83b7\u5f97\u8bb8\u53ef\u540e\u624d\u80fd\u8bbf\u95ee\u771f\u6b63\u7684\u670d\u52a1\u7a0b\u5e8f\u3002<br>\u5927\u591a\u6570Linux \u53d1\u884c\u7248\uff0cTCP Wrappers \u662f\u9ed8\u8ba4\u63d0\u4f9b\u7684\u529f\u80fd\u3002rpm -q tcp_ wrappers<br>TCP Wrappers\u4fdd\u62a4\u673a\u5236\u7684\u4e24\u79cd\u5b9e\u73b0\u65b9\u5f0f<br>1.\u76f4\u63a5\u4f7f\u7528tcpd\u7a0b\u5e8f\u5bf9\u5176\u4ed6\u670d\u52a1\u7a0b\u5e8f\u8fdb\u884c\u4fdd\u62a4\uff0c\u9700\u8981\u8fd0\u884ctcpd\u7a0b\u5e8f\u3002<br>2.\u7531\u5176\u4ed6\u7f51\u7edc\u670d\u52a1\u7a0b\u5e8f\u8c03\u7528libwrap.so.* \u94fe\u63a5\u5e93\uff0c\u4e0d\u9700\u8981\u8fd0\u884ctcpd \u7a0b\u5e8f\u3002\u6b64\u65b9\u5f0f\u7684\u5e94\u7528\u66f4\u52a0\u5e7f\u6cdb\uff0c\u4e5f\u66f4\u6709\u6548\u7387\u3002<br>\u4f7f\u7528ldd\u547d\u4ee4\u53ef\u4ee5\u67e5\u770b\u7a0b\u5e8f\u7684libwrap.so. *\u94fe\u63a5\u5e93<br>ldd $ (which ssh)<\/em><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>\u8bed\u6cd5\u683c\u5f0f\uff1a&lt;\u670d\u52a1\u7a0b\u5e8f\u5217\u8868>: &lt;\u5ba2\u6237\u7aef\u5730\u5740\u5217\u8868><br>\uff081\uff09\u670d\u52a1\u7a0b\u5e8f\u5217\u8868 \u670d\u52a1\u7a0b\u5e8f\u5217\u8868\u53ef\u5206\u4e3a\u4ee5\u4e0b\u51e0\u7c7b\u3002 \uf0d8<br>ALL\uff1a\u4ee3\u8868\u6240\u6709\u7684\u670d\u52a1\u3002 \uf0d8 \u5355\u4e2a\u670d\u52a1\u7a0b\u5e8f\uff1a\u5982\u201cvsftpd\u201d\u3002 \uf0d8 \u591a\u4e2a\u670d\u52a1\u7a0b\u5e8f\u7ec4\u6210\u7684\u5217\u8868\uff1a\u5982\u201cvsftpd,sshd\u201d\u3002<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">(1)\u670d\u52a1\u7a0b\u5e8f\u5217\u8868<br>ALL:\u4ee3\u8868\u6240\u6709\u7684\u670d\u52a1\u3002<br>\u5355\u4e2a\u670d\u52a1\u7a0b\u5e8f:\u5982\u201cvsftpd&#8221;.<br>\u591a\u4e2a\u670d\u52a1\u7a0b\u5e8f\u7ec4\u6210\u7684\u5217\u8868:\u5982\u201cvsftpd, sshd&#8221;\u3002.<br>(2)\u5ba2\u6237\u7aef\u5730\u5740\u5217\u8868<br>ALL:\u4ee3\u8868\u4efb\u4f55\u5ba2\u6237\u7aef\u5730\u5740\u3002<br>LOCAL:\u4ee3\u8868\u672c\u673a\u5730\u5740\u3002<br>\u591a\u4e2a\u5730\u5740\u4ee5\u9017\u53f7\u5206\u9694<br>\u5141\u8bb8\u4f7f\u7528\u901a\u914d\u7b26\u201c*\u201d\u548c&#8221;?\u201d\uff0c\u524d\u8005\u4ee3\u8868\u4efb\u610f\u957f\u5ea6\u5b57\u7b26\uff0c\u540e\u8005\u4ec5\u4ee3\u8868\u4e00\u4e2a\u5b57\u7b26<br>\u7f51\u6bb5\u5730\u5740\uff0c\u5982&#8221;192.168.80.\u201d \u6216\u8005192.168.80.0\/255.255.255.0<br>\u533a\u57df\u5730\u5740\uff0c\u5982\u201c. benet.com&#8221;\u5339\u914dbenet.com\u57df\u4e2d\u7684\u6240\u6709\u4e3b\u673a\u3002<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E8%AE%BF%E9%97%AE%E6%8E%A7%E5%88%B6%E7%9A%84%E5%9F%BA%E6%9C%AC%E5%8E%9F%E5%88%99\"><\/span>\u8bbf\u95ee\u63a7\u5236\u7684\u57fa\u672c\u539f\u5219<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">\u9996\u5148\u68c0\u67e5 \/etc\/hosts.allow \u6587\u4ef6\uff0c\u5982\u679c\u627e\u5230\u76f8\u5339\u914d\u7684\u7b56\u7565\uff0c\u5219\u5141\u8bb8\u8bbf\u95ee\uff1b<br>\u5426\u5219\u7ee7\u7eed\u68c0\u67e5\/etc\/hosts.deny \u6587\u4ef6\uff0c\u5982\u679c\u627e\u5230\u76f8\u5339\u914d\u7684\u7b56\u7565\uff0c\u5219\u62d2\u7edd\u8bbf\u95ee\uff1b<br>\u5982\u679c\u68c0\u67e5\u4e0a\u8ff0\u4e24\u4e2a\u6587\u4ef6\u90fd\u627e\u4e0d\u5230\u76f8\u5339\u914d\u7684\u7b56\u7565\uff0c \u5219\u5141\u8bb8\u8bbf\u95ee<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201c\u5141\u8bb8\u6240\u6709\uff0c\u62d2\u7edd\u4e2a\u522b\u201d<br>\u53ea\u9700\u5728\/etc\/hosts.deny\u6587\u4ef6\u4e2d\u6dfb\u52a0\u76f8\u5e94\u7684\u62d2\u7edd\u7b56\u7565<br>\u201c\u5141\u8bb8\u4e2a\u522b\uff0c\u62d2\u7edd\u6240\u6709&#8221;<br>\u9664\u4e86\u5728\/etc\/hosts.allow\u4e2d\u6dfb\u52a0\u5141\u8bb8\u7b56\u7565\u4e4b\u5916\uff0c\u8fd8\u9700\u8981\u5728\/etc\/hosts<br>deny\u6587\u4ef6\u4e2d\u8bbe\u7f6e&#8221;ALL:ALL&#8221;\u7684\u62d2\u7edd\u7b56\u7565\u3002<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u5b9e\u4f8b:.<br>\u82e5\u53ea\u5e0c\u671b\u4eceIP\u5730\u5740\u4e3a12.0.0.1\u7684\u4e3b\u673a\u6216\u8005\u4f4d\u4e8e192.168.80.0\/24\u7f51\u6bb5\u7684\u4e3b\u673a\u8bbf\u95eesshd\u670d\u52a1\uff0c\u5176\u4ed6\u5730\u5740\u88ab\u62d2\u7edd\u3002<br>vi \/etc\/hosts.allow<br>sshd,vsftpd:12.0.0.1,192.168.80.*<br>vi \/etc\/hosts.deny<br>sshd:ALL<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">sshd,vsftpd\uff1aALL<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"%E7%BB%93%E8%AF%AD\"><\/span>\u7ed3\u8bed<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">SSH \u52a0\u5bc6\u4fdd\u8bc1\u4e86 <strong>\u6570\u636e\u5728\u7f51\u7edc\u4f20\u8f93\u4e2d\u4e0d\u88ab\u7a83\u542c\u6216\u7be1\u6539<\/strong>\uff0c\u5e76\u901a\u8fc7\u5bc6\u94a5\u9a8c\u8bc1\u786e\u4fdd <strong>\u53ea\u6709\u6388\u6743\u7528\u6237\u624d\u80fd\u8bbf\u95ee\u670d\u52a1\u5668<\/strong>\u3002<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n","protected":false},"excerpt":{"rendered":"<p>OpenSSH\uff08Open Secure Shell\uff09\u662f\u4e00\u4e2a\u5f00\u6e90\u7684\u7f51\u7edc\u5de5\u5177\u5957\u4ef6\uff0c\u4e3b\u8981\u7528\u4e8e \u5b89\u5168\u8fdc\u7a0b\u767b\u5f55\u548c\u6570\u636e\u4f20\u8f93<\/p>\n<div class=\"more-link\">\n\t\t\t\t <a href=\"https:\/\/www.mooloco.com\/?p=141\" class=\"link-btn theme-btn\"><span>Read More <\/span> <i class=\"fa fa-caret-right\"><\/i><\/a>\n\t\t\t<\/div>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-141","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/www.mooloco.com\/index.php?rest_route=\/wp\/v2\/posts\/141","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.mooloco.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.mooloco.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.mooloco.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.mooloco.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=141"}],"version-history":[{"count":2,"href":"https:\/\/www.mooloco.com\/index.php?rest_route=\/wp\/v2\/posts\/141\/revisions"}],"predecessor-version":[{"id":145,"href":"https:\/\/www.mooloco.com\/index.php?rest_route=\/wp\/v2\/posts\/141\/revisions\/145"}],"wp:attachment":[{"href":"https:\/\/www.mooloco.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=141"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.mooloco.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=141"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.mooloco.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=141"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}