page counter next up previous contents
Next: 主機名稱設定 Up: IPv4 網路設定 Previous: *刪除重新設定   Contents   DYWANG_HOME

SSH設定與連線

  1. sshd 允許 root 登入的參數 PermitRootLogin 設定:
    1. yes:允許
    2. no:不允許
    3. prohibit-password (without-password):不允許以輸入密碼的方式登入
    4. forced-commands-only:只允許在登入命令用公鑰授權登入。
  2. PermitRootLogin 預設是 prohibit-password,修改成 yes。 
    [root@999999 ~]# vim /etc/ssh/sshd_config
[root@999999 ~]# grep PermitRoot /etc/ssh/sshd_config
#PermitRootLogin prohibit-password
PermitRootLogin yes
# the setting of "PermitRootLogin without-password".
  3. 重新啟動 sshd 服務。 
    [root@999999 ~]# systemctl restart sshd.service
  4. 從 host 主機以 ssh 登入 kvm8。 
    [dywang@deyu ~]$ ssh root@kvm8.deyu.wang
The authenticity of host 'kvm8.deyu.wang (192.168.122.8)' can't be established.
ECDSA key fingerprint is SHA256:WaRiVLOS0JYkmNagaoEUu3MoCDEzqxougcjB0uJ99QQ.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'kvm8.deyu.wang' (ECDSA) to the list of known hosts.
root@kvm8.deyu.wang's password:
Last login: Mon Aug 29 15:35:12 2022 from 192.168.122.1