Warning: Undefined array key "HTTP_ACCEPT_LANGUAGE" in /www/wwwroot/01xj.net/wp-content/plugins/wp-ue/main.php on line 13
{"id":107,"date":"2011-09-19T10:57:14","date_gmt":"2011-09-19T10:57:14","guid":{"rendered":"http:\/\/www.01xj.net\/0\/?p=107"},"modified":"2011-09-19T10:57:14","modified_gmt":"2011-09-19T10:57:14","slug":"root%e7%94%a8%e6%88%b7%e7%99%bb%e9%99%86sshd%e9%99%84%ef%bc%9afreebsd-ssh%e9%85%8d%e7%bd%ae%e8%af%a6%e8%a7%a3","status":"publish","type":"post","link":"https:\/\/www.01xj.net\/?p=107","title":{"rendered":".root\u7528\u6237\u767b\u9646sshd(\u9644\uff1aFreeBSD SSH\u914d\u7f6e\u8be6\u89e3)"},"content":{"rendered":"

\u4fee\u6539freebsd\u53ef\u4ee5\u7528sshd\u6743\u9650\u7528\u6237\u767b\u5f55ssh \u4f46\u4e0d\u80fd\u7528root\u7528\u6237\u767b\u5f55\u7684\u65b9\u6cd5<\/p>\n

\u5728\/etc\/ssh\/sshd_config\u6700\u540e\u4e2d\u52a0\u5165\u00a0<\/p>\n

PermitRootLogin yes #\u5141\u8bb8root\u767b\u5f55
\nPermitEmptyPasswords no #\u4e0d\u5141\u8bb8\u7a7a\u5bc6\u7801\u767b\u5f55
\nPasswordAuthentication yes # \u8bbe\u7f6e\u662f\u5426\u4f7f\u7528\u53e3\u4ee4\u9a8c\u8bc1\u3002
\n\u5c31\u53ef\u4ee5\u4e86<\/p>\n

FreeBSD SSH\u914d\u7f6e\u8be6\u89e3<\/p>\n

\u9996\u5148vi\u7f16\u8f91\/etc\/inetd.conf,\u53bb\u6389ssh\u524d\u7684#\uff0c\u4fdd\u5b58\u9000\u51fa (\u5f00\u542f\u76d1\u542cssh\u670d\u52a1)
\n\u7f16\u8f91\/etc\/rc.conf
\n\u6700\u540e\u52a0\u5165:sshd_enable=”yes”\u5373\u53ef
\n\u6fc0\u6d3bsshd\u670d\u52a1\uff1a
\ntecho#\/etc\/rc.d\/sshd start
\n\u7528\u4e0b\u9762\u547d\u4ee4\u68c0\u67e5\u670d\u52a1\u662f\u5426\u542f\u52a8\uff0c\u572822\u7aef\u53e3\u5e94\u8be5\u6709\u76d1\u542c\u3002
\n#netstat -an ## check port number 22
\n\u6700\u540e
\nvi \/etc\/ssh\/sshd_config,
\n\u4e0b\u9762\u662f\u6211\u7684\u914d\u7f6e\u6587\u4ef6\uff1a(\/etc\/ssh\/sshd_config)
\n####################################################<\/p>\n

# $OpenBSD: sshd_config,v 1.72 2005\/07\/25 11:59:40 markus Exp $
\n# $FreeBSD: src\/crypto\/openssh\/sshd_config,v 1.42.2.1 2005\/09\/11 16:50:35 des Exp $<\/p>\n

# This is the sshd server system-wide configuration file. See
\n# sshd_config(5) for more information.<\/p>\n

# This sshd was compiled with PATH=\/usr\/bin:\/bin:\/usr\/sbin:\/sbin<\/p>\n

# The strategy used for options in the default sshd_config shipped with
\n# OpenSSH is to specify options with their default value where
\n# possible, but leave them commented. Uncommented options change a
\n# default value.<\/p>\n

# Note that some of FreeBSD’s defaults differ from OpenBSD’s, and
\n# FreeBSD has a few additional options.<\/p>\n

#VersionAddendum FreeBSD-20050903<\/p>\n

#Port 22
\n#Protocol 2
\n#AddressFamily any
\n#ListenAddress 10.1.10.196
\n#ListenAddress ::<\/p>\n

# HostKey for protocol version 1
\n#HostKey \/etc\/ssh\/ssh_host_key
\n# HostKeys for protocol version 2
\n#HostKey \/etc\/ssh\/ssh_host_dsa_key<\/p>\n

# Lifetime and size of ephemeral version 1 server key
\n#KeyRegenerationInterval 1h
\n#ServerKeyBits 768<\/p>\n

# Logging
\n# obsoletes QuietMode and FascistLogging
\n#SyslogFacility AUTH
\n#LogLevel INFO<\/p>\n

# Authentication:<\/p>\n

#LoginGraceTime 2m
\n#PermitRootLogin no
\n#StrictModes yes
\n#MaxAuthTries 6<\/p>\n

#RSAAuthentication yes
\n#PubkeyAuthentication yes
\n#AuthorizedKey .ssh\/authorized_keys
\n# For this to work you will also need host keys in \/etc\/ssh\/ssh_known_hosts
\n#RhostsRSAAuthentication no
\n# similar for protocol version 2
\n#HostbasedAuthentication no
\n# Change to yes if you don’t trust ~\/.ssh\/known_hosts for
\n# RhostsRSAAuthentication and HostbasedAuthentication
\n#IgnoreUserKnownHosts no
\n# Don’t read the user’s ~\/.rhosts and ~\/.shosts files
\n#IgnoreRhosts yes<\/p>\n

# Change to yes to enable built-in password authentication.
\nPasswordAuthentication yes
\n#PermitEmptyPasswords no<\/p>\n

# Change to no to disable PAM authentication
\n#ChallengeResponseAuthentication yes<\/p>\n

# Kerberos options
\n#KerberosAuthentication no
\n#KerberosOrLocalPasswd yes
\n#KerberosTicketCleanup yes
\n#KerberosGetAFSToken no<\/p>\n

# GSSAPI options
\n#GSSAPIAuthentication no
\n#GSSAPICleanupCredentials yes<\/p>\n

# Set this to ‘no’ to disable PAM authentication, account processing,
\n# and session processing. If this is enabled, PAM authentication will
\n# be allowed through the ChallengeResponseAuthentication mechanism.
\n# Depending on your PAM configuration, this may bypass the setting of
\n# PasswordAuthentication, PermitEmptyPasswords, and
\n# “PermitRootLogin without-password”. If you just want the PAM account and
\n# session checks to run without PAM authentication, then enable this but set
\n# ChallengeResponseAuthentication=no
\n#UsePAM yes<\/p>\n

#AllowTcpForwarding yes
\n#GatewayPorts no
\n#X11Forwarding yes
\n#X11DisplayOffset 10
\n#X11UseLocalhost yes
\n#PrintMotd yes
\n#PrintLastLog yes
\n#TCPKeepAlive yes
\n#UseLogin no
\n#UsePrivilegeSeparation yes
\n#PermitUserEnvironment no
\n#Compression delayed
\n#ClientAliveInterval 0
\n#ClientAliveCountMax 3
\n#UseDNS no
\n#PidFile \/var\/run\/sshd.pid
\n#MaxStartups 10<\/p>\n

# no default banner path
\n#Banner \/some\/path<\/p>\n

# override default of no subsystems
\nSubsystem sftp \/usr\/libexec\/sftp-server<\/p>\n

IgnoreRhosts yes
\nIgnoreUserKnownHosts yes
\nPrintMotd yes
\nStrictModes no
\nRSAAuthentication yes
\nPermitRootLogin yes #\u5141\u8bb8root\u767b\u5f55
\nPermitEmptyPasswords no #\u4e0d\u5141\u8bb8\u7a7a\u5bc6\u7801\u767b\u5f55
\nPasswordAuthentication yes # \u8bbe\u7f6e\u662f\u5426\u4f7f\u7528\u53e3\u4ee4\u9a8c\u8bc1\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"

\u4fee\u6539freebsd\u53ef\u4ee5\u7528sshd\u6743\u9650\u7528\u6237\u767b\u5f55ssh \u4f46\u4e0d\u80fd\u7528root...<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[17],"tags":[],"class_list":["post-107","post","type-post","status-publish","format-standard","hentry","category-freebsd-"],"_links":{"self":[{"href":"https:\/\/www.01xj.net\/index.php?rest_route=\/wp\/v2\/posts\/107","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.01xj.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.01xj.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.01xj.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.01xj.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=107"}],"version-history":[{"count":1,"href":"https:\/\/www.01xj.net\/index.php?rest_route=\/wp\/v2\/posts\/107\/revisions"}],"predecessor-version":[{"id":108,"href":"https:\/\/www.01xj.net\/index.php?rest_route=\/wp\/v2\/posts\/107\/revisions\/108"}],"wp:attachment":[{"href":"https:\/\/www.01xj.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=107"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.01xj.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=107"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.01xj.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=107"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}