ssh:configuring_sshd
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| ssh:configuring_sshd [2016/10/17 14:47] – peter | ssh:configuring_sshd [2019/12/04 21:22] (current) – removed peter | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ====== SSH - Configuring sshd ====== | ||
| - | |||
| - | ===== Disable logins for the **root** user, only allow login for the core user and disable password based authentication. ===== | ||
| - | |||
| - | permissions: | ||
| - | owner: root:root | ||
| - | |||
| - | <file bash / | ||
| - | # Use most defaults for sshd configuration. | ||
| - | UsePrivilegeSeparation sandbox | ||
| - | Subsystem sftp internal-sftp | ||
| - | |||
| - | PermitRootLogin no | ||
| - | AllowUsers core | ||
| - | PasswordAuthentication no | ||
| - | ChallengeResponseAuthentication no | ||
| - | </ | ||
| - | |||
| - | |||
| - | ===== Changing the sshd port ===== | ||
| - | |||
| - | With socket-activated SSH by default. The configuration for this can be found at **/ | ||
| - | |||
| - | <file bash / | ||
| - | [Socket] | ||
| - | ListenStream=2222 | ||
| - | FreeBind=true | ||
| - | Accept=yes | ||
| - | </ | ||
| - | |||
| - | **sshd** will now listen only on port 2222 on all interfaces when the system is built. | ||
| - | |||
| - | |||
| - | Multiple ListenStream lines can be specified, in which case sshd will listen on all the specified sockets: | ||
| - | |||
| - | <file bash / | ||
| - | [Socket] | ||
| - | ListenStream=2222 | ||
| - | ListenStream=10.20.30.40: | ||
| - | FreeBind=true | ||
| - | </ | ||
ssh/configuring_sshd.1476715668.txt.gz · Last modified: 2020/07/15 09:30 (external edit)