FreeBSD下SSH安装配置
itisyang 2011-07-03
sshd的配置文件一般位于/etc/ssh/sshd_config。
终端下:#ee /etc/ssh/sshd_config
---------------------------------------------
#Protocol 2,1
修改为:
Protocol 2
#ListenAddress 0.0.0.0
修改为:
ListenAddress 0.0.0.0
#PermitRootLogin yes
修改为
PermitRootLogin yes
(Linux上默认允许root用户登录,此处可不修改。)
修改完成后重启sshd:
/etc/rc.d/sshd restart
/etc/rc.conf 中,添加一个:
sshd_enable="yes"
FreeBSD SSH配置详解
首先vi编辑/etc/inetd.conf,去掉ssh前的#,保存退出
编辑/etc/rc.conf
最后加入:sshd_enable="yes"即可
激活sshd服务:
techo#/etc/rc.d/sshdstart
用下面命令检查服务是否启动,在22端口应该有监听。
#netstat-an##checkportnumber22
最后
vi /etc/ssh/sshd_config,下面是我的配置文件:(/etc/ssh/sshd_config)####################################################
# $OpenBSD: sshd_config,v 1.72 2005/07/25 11:59:40 markus Exp $# $FreeBSD: src/crypto/openssh/sshd_config,v 1.42.2.1 2005/09/11 16:50:35 des Exp $
# This is the sshd server system-wide configuration file. See# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
# The strategy used for options in the default sshd_config shipped with
#OpenSSHistospecifyoptionswiththeirdefaultvaluewhere
#possible,butleavethemcommented.Uncommentedoptionschangea
# default value.# Note that some of FreeBSD's defaults differ from OpenBSD's, and# FreeBSD has a few additional options.
#VersionAddendum FreeBSD-20050903
#Port 22
#Protocol2
#AddressFamilyany
#ListenAddress10.1.10.196
#ListenAddress ::# HostKey for protocol version 1
#HostKey/etc/ssh/ssh_host_key
#HostKeysforprotocolversion2
#HostKey /etc/ssh/ssh_host_dsa_key# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval1h
#ServerKeyBits 768# Logging
#obsoletesQuietModeandFascistLogging
#SyslogFacilityAUTH
#LogLevel INFO# Authentication:
#LoginGraceTime 2m
#PermitRootLoginno
#StrictModesyes
#MaxAuthTries 6#RSAAuthentication yes
#PubkeyAuthenticationyes
#AuthorizedKey.ssh/authorized_keys
#Forthistoworkyouwillalsoneedhostkeysin/etc/ssh/ssh_known_hosts
#RhostsRSAAuthenticationno
#similarforprotocolversion2
#HostbasedAuthenticationno
#Changetoyesifyoudon'ttrust~/.ssh/known_hostsfor
#RhostsRSAAuthenticationandHostbasedAuthentication
#IgnoreUserKnownHostsno
#Don'treadtheuser's~/.rhostsand~/.shostsfiles
#IgnoreRhosts yes# Change to yes to enable built-in password authentication.
PasswordAuthenticationyes
#PermitEmptyPasswords no# Change to no to disable PAM authentication#ChallengeResponseAuthentication yes
# Kerberos options
#KerberosAuthenticationno
#KerberosOrLocalPasswdyes
#KerberosTicketCleanupyes
#KerberosGetAFSToken no# GSSAPI options
#GSSAPIAuthenticationno
#GSSAPICleanupCredentials yes# Set this to 'no' to disable PAM authentication, account processing,
#andsessionprocessing.Ifthisisenabled,PAMauthenticationwill
#beallowedthroughtheChallengeResponseAuthenticationmechanism.
#DependingonyourPAMconfiguration,thismaybypassthesettingof
#PasswordAuthentication,PermitEmptyPasswords,and
#"PermitRootLoginwithout-password".IfyoujustwantthePAMaccountand
#sessioncheckstorunwithoutPAMauthentication,thenenablethisbutset
#ChallengeResponseAuthentication=no
#UsePAM yes#AllowTcpForwarding yes
#GatewayPortsno
Forwardingyes
DisplayOffset10
UseLocalhostyes
#PrintMotdyes
#PrintLastLogyes
#TCPKeepAliveyes
#UseLoginno
#UsePrivilegeSeparationyes
#PermitUserEnvironmentno
#Compressiondelayed
#ClientAliveInterval0
#ClientAliveCountMax3
#UseDNSno
#PidFile/var/run/sshd.pid
#MaxStartups 10# no default banner path#Banner /some/path
# override default of no subsystemsSubsystem sftp /usr/libexec/sftp-server
IgnoreRhosts yes
IgnoreUserKnownHostsyes
PrintMotdyes
StrictModesno
RSAAuthenticationyes
PermitRootLoginyes#允许root登录
PermitEmptyPasswordsno#不允许空密码登录
PasswordAuthentication yes # 设置是否使用口令验证。##############################################
记得修改完配置文件后,重新启动sshd服务器(/etc/rc.d/sshd restart)即可。
