User Tools
сервис_ssh
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
сервис_ssh [2024/05/15 13:02] val [Использование SSH Chroot] |
сервис_ssh [2025/10/30 10:14] (current) val [Сервис SSH] |
||
|---|---|---|---|
| Line 2: | Line 2: | ||
| * [[http://ru.wikipedia.org/wiki/SSH|SSH (wikipedia)]] | * [[http://ru.wikipedia.org/wiki/SSH|SSH (wikipedia)]] | ||
| + | * [[https://habr.com/ru/articles/747080/|SSH с высоты птичьего полёта, или разгребаем кучи ключей]] | ||
| * [[https://www.serfish.com/console/|Web-based access to any SSH server]] | * [[https://www.serfish.com/console/|Web-based access to any SSH server]] | ||
| * [[http://linux.bolden.ru/ssh-tunnels/|Подробный анализ теории и практики использования SSH-туннелей]] | * [[http://linux.bolden.ru/ssh-tunnels/|Подробный анализ теории и практики использования SSH-туннелей]] | ||
| * [[https://m.habr.com/post/435546/|Практические советы, примеры и туннели SSH]] | * [[https://m.habr.com/post/435546/|Практические советы, примеры и туннели SSH]] | ||
| + | * [[https://habr.com/ru/articles/122445/|Памятка пользователям ssh]] | ||
| ===== Установка ===== | ===== Установка ===== | ||
| Line 50: | Line 52: | ||
| #KexAlgorithms +diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1 | #KexAlgorithms +diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1 | ||
| #HostkeyAlgorithms +ssh-dss,ssh-rsa | #HostkeyAlgorithms +ssh-dss,ssh-rsa | ||
| + | #PubkeyAcceptedKeyTypes +ssh-dss,ssh-rsa | ||
| </code> | </code> | ||
| Line 60: | Line 63: | ||
| <code> | <code> | ||
| gate# ssh-keygen -l -f /etc/ssh/ssh_host_dsa_key.pub | gate# ssh-keygen -l -f /etc/ssh/ssh_host_dsa_key.pub | ||
| + | </code> | ||
| + | <code> | ||
| + | ubuntu24# systemctl edit ssh.socket | ||
| + | ... | ||
| + | [Socket] | ||
| + | ListenStream= | ||
| + | ListenStream=2222 | ||
| + | ... | ||
| + | ubuntu24# systemctl restart ssh.socket | ||
| </code> | </code> | ||
| Line 86: | Line 98: | ||
| # StrictHostKeyChecking=no | # StrictHostKeyChecking=no | ||
| # LogLevel ERROR | # LogLevel ERROR | ||
| - | + | # HostKeyAlgorithms +ssh-rsa | |
| - | ### HostKeyAlgorithms +ssh-rsa | + | # PubkeyAcceptedKeyTypes +ssh-rsa |
| - | ### PubkeyAcceptedKeyTypes +ssh-rsa | + | |
| </code> | </code> | ||
| Line 117: | Line 128: | ||
| server# scp switchN:running-config /srv/tftp/switchN-running-config | server# scp switchN:running-config /srv/tftp/switchN-running-config | ||
| + | deb12_ub24# scp -O switchN:running-config /srv/tftp/switchN-running-config | ||
| server# sshpass -p cisco scp switchN:running-config /srv/tftp/switchN-running-config | server# sshpass -p cisco scp switchN:running-config /srv/tftp/switchN-running-config | ||
| Line 190: | Line 202: | ||
| # sysctl net.ipv4.ip_local_port_range | # sysctl net.ipv4.ip_local_port_range | ||
| - | lan# ssh -N -R 61022:localhost:22 -o ServerAliveInterval=60 student@server.corpX.un | + | lan# ssh -N -R 61022:localhost:22 -o ServerAliveInterval=5 -o ServerAliveCountMax=1 -o ExitOnForwardFailure=yes student@server.corpX.un |
| lan# ssh -N -R 61389:192.168.100+X.1NN:3389 student@server.corpX.un | lan# ssh -N -R 61389:192.168.100+X.1NN:3389 student@server.corpX.un | ||
| Line 206: | Line 218: | ||
| </code><code> | </code><code> | ||
| ... | ... | ||
| - | Match Address 192.168.X.1 | + | #AllowUsers root user*@10.5.*.* |
| + | ... | ||
| + | Match Address 192.168.*.*,172.16.*.* | ||
| PermitRootLogin yes | PermitRootLogin yes | ||
| </code> | </code> | ||
сервис_ssh.1715767353.txt.gz · Last modified: 2024/05/15 13:02 by val
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
