Cara menginstal dan mengkonfigurasi server SSH di Debian Linux?

Menginstal dan menguji SSH Server

You will need to be root to do the following

su

  1. Install SSH Server

    apt install openssh-server
     

  2. Periksa apakah proses server ada. Hal ini menunjukkan install berjalan dengan baik.

    ps -A | grep sshd

    Keluaran (atau serupa): 1753 ? 00:00:00 sshd

     

  3. Instal Client SSH untuk memeriksa koneksi SSH Server

    apt install openssh-client

    Menghubungkan ke localhost untuk menguji koneksi

    ssh localhost

    Juga login dengan alamat IP antarmuka

    Dapatkan IP Address

    ip addr

    SSH ke alamat ip

    ssh {ipaddress here}
     

Securing the SSH Server

It is a good idea to secure the SSH server by disallowing root to login and configuring login only by public key i.e. login using passwords is not allowed

Ensure to execute the following commands as your user and not as root

  1. Navigate to the user home directory

    cd
     

  2. Check if .ssh exists

    ls -a
     

  3. If .ssh does not exist, create it

    mkdir .ssh
     

  4. Set the folder permission to 700

    chmod 700 .ssh
     

  5. Create the authorized_keys file

    touch ./.ssh/authorized_keys
     

  6. Change permission on the authorized_keys file to 600

    chmod 600 ./.ssh/authorized_keys
     

  7. Open the authorized_keys file

    nano ./.ssh/authorized_keys
     

  8. Paste your public key into the file

    You can get your public key from the SSH client. If the client is Jendela 10 then it will be in the %USERPROFILE%/.ssh/id_rsa.pub mengajukan. If the client is Debian then the public key is ~/.ssh/id_rsa.pub.

    If your public key does not exist, generate it on the client machine

    ssh-keygen -t rsa -C "email@domain.com"
     

  9. Change to root user

    su

  10. Configure your SSH server to accept only public key logins and prevent login for root

    nano /etc/ssh/sshd_config

    Uncomment and/or edit the following lines

    PermitRootLogin no
    StrictModes yes
    PubkeyAuthentication yes
    AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2
    PasswordAuthentication no
     

  11. Restart the sshd service

    service sshd restart
     

  12. Try logging in as root from your SSH client using password

    ssh root@{ssh server ip address}

    Keluaran: Permission denied (publickey).

     

  13. Try logging in as username from your SSH client using password

    ssh username@{ssh server ip address}

    Keluaran: Permission denied (publickey).

     

  14. Try logging in as root from your SSH client using the public key

    ssh root@{ssh server ip address} -i .ssh/id_rsa

    Keluaran: Permission denied (publickey).

     

  15. Log in as username from your SSH client using the public key

    ssh username@{ssh server ip address} -i .ssh/id_rsa
     

If your SSH client has a static IP address then you may want to consider only your IP address can login to the SSH server.

Tinggalkan balasan