| 代码 |
| # tar zxvf openssh-3.9p1.tar.gz # ./configure --prefix=/opt/openssh # make #make install |
| 代码 |
| 把 #Port 22 改成 Port 222 # 这里因为我自己的需要! 把 #Protocol 2,1 改成: Protocol 2 把 #PermitRootLogin yes 改成: PermitRootLogin no 这样就禁止了用户root直接登陆! 把 #PasswordAuthentication yes 改成: PasswordAuthentication no |
| 代码 |
| #!/bin/bash # # Init file for OpenSSH server daemon # # chkconfig: 2345 55 25 # description: OpenSSH server daemon # # processname: sshd # config: /etc/ssh/ssh_host_key # config: /etc/ssh/ssh_host_key.pub # config: /etc/ssh/ssh_random_seed # config: /etc/ssh/sshd_config # pidfile: /var/run/sshd.pid # source function library . /etc/rc.d/init.d/functions # pull in sysconfig settings [ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd RETVAL=0 prog="sshd" # Some functions to make the below more readable KEYGEN=/opt/openssh/bin/ssh-keygen SSHD=/opt/openssh/sbin/sshd RSA1_KEY=/opt/openssh/etc/ssh_host_key RSA_KEY=/opt/openssh/etc/ssh_host_rsa_key DSA_KEY=/opt/openssh/etc/ssh_host_dsa_key PID_FILE=/opt/openssh/sshd.pid do_rsa1_keygen() { if [ ! -s $RSA1_KEY ]; then echo -n $"Generating SSH1 RSA host key: " if $KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null; then chmod 600 $RSA1_KEY chmod 644 $RSA1_KEY.pub success $"RSA1 key generation" echo else failure $"RSA1 key generation" echo exit 1 fi fi } do_rsa_keygen() { if [ ! -s $RSA_KEY ]; then echo -n $"Generating SSH2 RSA host key: " if $KEYGEN -q -t rsa -f $RSA_KEY -C '' -N '' >&/dev/null; then chmod 600 $RSA_KEY chmod 644 $RSA_KEY.pub success $"RSA key generation" echo else failure $"RSA key generation" echo exit 1 fi fi } do_dsa_keygen() { if [ ! -s $DSA_KEY ]; then echo -n $"Generating SSH2 DSA host key: " if $KEYGEN -q -t dsa -f $DSA_KEY -C '' -N '' >&/dev/null; then chmod 600 $DSA_KEY chmod 644 $DSA_KEY.pub success $"DSA key generation" echo else failure $"DSA key generation" echo exit 1 fi fi } do_restart_sanity_check() { $SSHD -t RETVAL=$? if [ ! "$RETVAL" = 0 ]; then failure $"Configuration file or keys are invalid" echo fi } start() { # Create keys if necessary do_rsa1_keygen do_rsa_keygen do_dsa_keygen echo -n $"Starting $prog:" initlog -c "$SSHD $OPTIONS" && success || failure RETVAL=$? [ "$RETVAL" = 0 ] && touch /var/lock/subsys/sshd echo } stop() { echo -n $"Stopping $prog:" killproc $SSHD -TERM RETVAL=$? [ "$RETVAL" = 0 ] && rm -f /var/lock/subsys/sshd echo } reload() { echo -n $"Reloading $prog:" killproc $SSHD -HUP RETVAL=$? echo } case "$1" in start) start ;; stop) stop ;; restart) stop start ;; reload) reload ;; condrestart) if [ -f /var/lock/subsys/sshd ]; then do_restart_sanity_check if [ "$RETVAL" = 0 ]; then stop # avoid race sleep 3 start fi fi ;; status) status $SSHD RETVAL=$? ;; *) echo $"Usage: $0 {start|stop|restart|reload|condrestart|status}" RETVAL=1 esac exit $RETVAL |
| 代码 |
| $ ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/home/ourlinux/.ssh/id_rsa): Created directory '/home/ourlinux/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/ourlinux/.ssh/id_rsa. Your public key has been saved in /home/ourlinux/.ssh/id_rsa.pub. The key fingerprint is: 1a:00:46:93:bf:03:89:30:a5:a0:d5:c8:4f:25:f6:bc ourlinux@bixuan |
| 代码 |
| $ chmod 755 ~/.ssh |
| 代码 |
| $ chmod 644 ~/.ssh/authorized_keys |
