SSH
SSH, and
Syntax
# /etc/ssh/sshd_config PermitRootLogin no PasswordAuthentication no Port 2222
Parameters
| Parameters | Description | Examples | Level |
|---|---|---|---|
PermitRootLogin |
root | PermitRootLogin no |
Common |
PasswordAuthentication |
PasswordAuthentication no |
Common | |
Port |
SSH | Port 2222 |
Common |
AllowUsers |
AllowUsers deploy admin |
Common | |
MaxAuthTries |
MaxAuthTries 3 |
Common | |
LoginGraceTime |
LoginGraceTime 30 |
Advanced |
Examples
# /etc/ssh/sshd_config Port 2222 PermitRootLogin no PasswordAuthentication no PubkeyAuthentication yes MaxAuthTries 3 LoginGraceTime 30 AllowUsers deploy admin
systemctl restart sshd
SSH
# /etc/ssh/sshd_config AllowUsers deploy@192.168.1.* AllowUsers admin@10.0.0.0/24
IP
# /etc/ssh/sshd_config ChallengeResponseAuthentication no KerberosAuthentication no GSSAPIAuthentication no X11Forwarding no
and
fail2ban
# /etc/fail2ban/jail.local [sshd] enabled = true port = 2222 maxretry = 3 bantime = 3600 findtime = 600
10 3 IP 1
Common Errors
,. and
sshd: no hostkeys available, ssh-keygen -A New
Tips
- sshd_config SSH,
- sshd -t Syntax
- , and fail2ban