Paano i-install at i-configure ang SSH server sa Debian Linux?

Pag-install at pagsubok ng SSH Server

You will need to be root to do the following

su

  1. I-install SSH Server

    apt install openssh-server
     

  2. Suriin kung ang proseso ng server ay umiiral. Ito ay nagpapahiwatig ng install nagpunta maayos.

    ps -A | grep sshd

    output (o katulad): 1753 ? 00:00:00 sshd

     

  3. I-install SSH Client upang suriin ang koneksyon SSH Server

    apt install openssh-client

    Kumonekta sa localhost upang masubukan ang koneksyon

    ssh localhost

    Gayundin mag-login gamit ang interface IP address

    Kunin ang IP Address

    ip addr

    SSH sa ip address

    ssh {ipaddress here}
     

Securing the SSH Server

It is a good idea to secure the SSH server by disallowing root to login and configuring login only by public key i.e. login using passwords is not allowed

Ensure to execute the following commands as your user and not as root

  1. Navigate to the user home directory

    cd
     

  2. Suriin kung Ssh umiiral

    ls -a
     

  3. Kung Ssh ay hindi umiiral, Lumikha ng ito

    mkdir .ssh
     

  4. I-set ang folder ng pahintulot na 700

    chmod 700 .ssh
     

  5. Lumikha ng authorized_keys file

    touch ./.ssh/authorized_keys
     

  6. Baguhin ang pahintulot sa authorized_keys file upang 600

    chmod 600 ./.ssh/authorized_keys
     

  7. Buksan ang authorized_keys file

    nano ./.ssh/authorized_keys
     

  8. I-paste ang iyong mga pampublikong key sa file

    Maaari mong makuha ang iyong mga pampublikong susi mula sa SSH client. If the client is Windows 10 pagkatapos ito ay magiging sa %USERPROFILE%/.ssh/id_rsa.pub talaksan. If the client is Debian then the public key is ~/.ssh/id_rsa.pub.

    Kung ang iyong mga pampublikong key ay hindi umiiral, bumuo ng mga ito sa client machine

    ssh-keygen -t rsa -C "email@domain.com"
     

  9. Change to root user

    su

  10. Isaayos ang iyong SSH server na tanggapin lamang ang public key login at maiwasan ang pag-login para sa root

    nano /etc/ssh/sshd_config

    Uncomment at / o i-edit ang mga sumusunod na mga linya

    PermitRootLogin no
    StrictModes yes
    PubkeyAuthentication yes
    AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2
    PasswordAuthentication no
     

  11. I-restart ang sshd service

    service sshd restart
     

  12. Try logging in as root from your SSH client using password

    ssh root@{ssh server ip address}

    output: Permission denied (publickey).

     

  13. Subukang mag-log in bilang username mula sa iyong SSH client na gumagamit ng password

    ssh username@{ssh server ip address}

    output: Permission denied (publickey).

     

  14. Try logging in as root from your SSH client using the public key

    ssh root@{ssh server ip address} -i .ssh/id_rsa

    output: Permission denied (publickey).

     

  15. Log in as username from your SSH client using the public key

    ssh username@{ssh server ip address} -i .ssh/id_rsa
     

If your SSH client has a static IP address then you may want to consider only your IP address can login to the SSH server.

Mag-iwan ng Tugon