sshd service in linux

Posted by st0rmer on Tue, 17 Dec 2019 22:30:57 +0100

sshd service

1. Introduction to sshd
sshd= secure shell
A service that can boot the shell in the host through the network

Client software < c-f9 >
    sshd

Connection mode:

ssh    username@ip    ##Links to text patterns
ssh -X username@ip    ##You can turn on the graphics after the link is successful

Note:
The first time to link a strange host is to establish an authentication file
So you will be asked if you want to establish it. You need to tree it into yes
When you link this host, you do not need to enter yes again because the ~ /. SSH / know_hostsfile has been generated
Remote replication:

 scp file root@ip:dir        ##upload
 scp root@ip:file dir        ##download

2. key authentication of sshd

1. Generate authentication KEY

# ssh-keygen                                                  ##Command to generate key
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):      ##Specifies the file to save encrypted characters (use default)
Enter passphrase (empty for no passphrase):                   ##Set password (use empty password)
Enter same passphrase again:                                  ##Confirm password
Your identification has been saved in "/root/.ssh/id_rsa".    ##Private key (key)    
Your public key has been saved in "/root/.ssh/id_rsa.pub".    ##Public key (lock)
The key fingerprint is:
86:61:e4:f1:6e:51:3a:4b:d7:3c:1b:2f:e8:3f:b0:5d root@server.example.com
The key's randomart image is:
+--[ RSA 2048]----+
|      o   .      |
|     o o o o     |
|      + * . =    |
|     . = = . =   |
|      . S . o .  |
|       o ..  .E  |
|          .+ .   |
|          ..o    |
|            ..   |
+-----------------+

2. Encryption service

#ssh-copy-id -i /root/.ssh/id_rsa.pub root@172.25.254.200         ##Encrypted sshd service
The authenticity of host '172.25.254.200 (172.25.254.200)' can't be established.
ECDSA key fingerprint is eb:24:0e:07:96:26:b1:04:c2:37:0c:78:2d:bc:b0:08.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@172.25.254.200's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@172.25.254.200'"
and check to make sure that only the key(s) you wanted were added.

 

ls open the folder of encryption configuration
authorized_keys  id_rsa  id_rsa.pub  known_hosts
    ^
 This file appears to indicate encryption is complete

3. Distribute the key

scp /root/.ssh/id_rsa root@172.25.254.100:/root/.ssh/

4. Test
In the client host (172.25.254.100)

ssh root@172.25.254.200        ##When connecting, it is found that direct login does not require password authentication of root login system. Here ip is the ip of the virtual machine you set

3. Security setting of sshd

78 PasswordAuthentication yes|no   ##Whether to allow users to authenticate sshd through the password of login system
48 PermitRootLogin yes|no          ##Whether to allow root user to pass the authentication of sshd service
52 Allowusers student westos       ##Set the user whitelist. By default, users in the whitelist will not be able to use sshd
53 Denyusers    westos             ##Set the user blacklist. The users in the blacklist can use sshd by default

4. Add sshd login information

vim /etc/motd    ##File content is the information displayed after login

5. Login audit of users

1. View the users who are using the current system. You can use w

w    -f    ##View source of use
w    -i    ##Show IP

The configuration file for this command is in / var/run/utmp (
2. View the used and exited user information using last
The configuration file of the command is in / var/log/wtmp
3. View the users who tried to log in but failed to use lastb
The configuration file is in / var/log/btmp

 

 

Topics: ssh shell network vim