Differences

This shows you the differences between two versions of the page.

--- сервис_ssh [2024/04/08 15:58]
val [Настройка ssh сервера]
+++ сервис_ssh [2025/01/20 14:47] (current)
val [SSH вместо VPN (привязка к порту сервера)]
@@ Line 2: / Line 2: @@
   * [[http://ru.wikipedia.org/wiki/SSH|SSH (wikipedia)]]
+  * [[https://habr.com/ru/articles/747080/|SSH с высоты птичьего полёта, или разгребаем кучи ключей]]
   * [[https://www.serfish.com/console/|Web-based access to any SSH server]]
   * [[http://linux.bolden.ru/ssh-tunnels/|Подробный анализ теории и практики использования SSH-туннелей]]
@@ Line 50: / Line 51: @@
 #KexAlgorithms +diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1
 #HostkeyAlgorithms +ssh-dss,ssh-rsa
+#PubkeyAcceptedKeyTypes +ssh-dss,ssh-rsa
 </code>
@@ Line 60: / Line 62: @@
 <code>
 gate# ssh-keygen -l -f /etc/ssh/ssh_host_dsa_key.pub
+</code>
+<code>
+ubuntu24# systemctl edit ssh.socket
+...
+[Socket]
+ListenStream=
+ListenStream=2222
+...
+ubuntu24# systemctl restart ssh.socket
 </code>
@@ Line 86: / Line 97: @@
 #        StrictHostKeyChecking=no
 #        LogLevel ERROR
+#        HostKeyAlgorithms +ssh-rsa
+#        PubkeyAcceptedKeyTypes +ssh-rsa
 </code>
@@ Line 114: / Line 127: @@
 server# scp switchN:running-config /srv/tftp/switchN-running-config
+deb12_ub24# scp -O switchN:running-config /srv/tftp/switchN-running-config
 server# sshpass -p cisco scp switchN:running-config /srv/tftp/switchN-running-config
@@ Line 125: / Line 139: @@
 <code>
-www# cat /etc/ssh/sshd_config
+# cat /etc/ssh/sshd_config
 </code><code>
 ...
@@ Line 132: / Line 146: @@
 ...
 Match group user1
+#Match group group1
        ChrootDirectory %h
        ForceCommand internal-sftp
 </code><code>
-www# chown root ~user1/
+# chown root ~user1/
-www# mkdir ~user1/public_html
+# mkdir ~user1/public_html && chown user1:user1 ~user1/public_html/
-www# chown -R user1:user1 ~user1/public_html/
+# mkdir ~user1/mail && chown user1:user1 ~user1/mail/
 </code>
@@ Line 183: / Line 198: @@
 </code><code>
 # cat /proc/sys/net/ipv4/ip_local_port_range
+  или
+# sysctl net.ipv4.ip_local_port_range
-lan# ssh -N -R 61022:localhost:22 -o ServerAliveInterval=60 user1@server.corpX.un
+lan# ssh -N -R 61022:localhost:22 -o ServerAliveInterval=5 -o ServerAliveCountMax=1 -o ExitOnForwardFailure=yes student@server.corpX.un
-lan# ssh -N -R 3101:192.168.100+X.101:3389 user1@server.corpX.un
+lan# ssh -N -R 61389:192.168.100+X.1NN:3389 student@server.corpX.un
+mobaxterm> ssh -N -R 61389:localhost:3389 student@server.corpX.un
+mobaxterm> ssh -N -R 0:localhost:5500 student@server.corpX.un
 </code>
@@ Line 196: / Line 217: @@
 </code><code>
 ...
-Match Address 192.168.X.1
+#AllowUsers root user*@10.5.*.*
+...
+Match Address 192.168.*.*,172.16.*.*
        PermitRootLogin yes
 </code>

Методические материалы Лохтурова Вячеслава

User Tools

Site Tools

Differences

Page Tools