Shulou(Shulou.com)06/01 Report--

This article introduces the relevant knowledge of "how to optimize centos remote SSH connection". In the operation of actual cases, many people will encounter such a dilemma, so let the editor lead you to learn how to deal with these situations. I hope you can read it carefully and be able to achieve something!

1.

① views the sshd service through the ls-l / etc/init.d/sshd command

② views the sshd process through the ps-ef | grep sshd command

The difference between 2.ssh_config and sshd_config: one represents the local client and the other represents the server:

3. View the sshd configuration file through the ll / etc/ssh/sshd_config command:

4. Before modifying the configuration file, the backup is named in the format of hostname, time and date, where / etc/ssh/sshd_config is backed up as / etc/ssh/sshd_config.you.20160222

5. Set the line number by entering the: set nu command in vi command mode:

6. Modify the configuration file as follows:

a. Change the yes of useDNS to no:

b. Translate the listening address from 0.0.0.0 to the private network IP address 192.168.65.130:

After modifying the listening address, it is found that the sshd service only accepts or treats the private network 192.168.65.130 as a legitimate ip:

c. Change the yes that forbids root remote connections to no:

d. Search GSSAuthentication to change the default yes comment to no:

f. Modify the port number to change the original remote connection port 22 to 52113:

7. Batch implementation of sshd configuration changes:

a. Paste the entire configuration that needs to be modified directly into / etc/ssh/sshd_config (seems to deny that the level no is more advanced? )

b. Batch modification through the sed command: sed-ir'13 iport 52113\ nPermitRootLogin no\ nPermitEmptyPasswds no\ nUseDNS no\ nGSSAPIAuthentication no' sshd_config

8. Compare the difference between the original file and the modified file:

1. Using the diff command:

two。 With the vimdiff command (which is more powerful and can be highlighted):

9. Restart the sshd service with the / etc/init.d/sshd restart and / etc/init.d/sshd reload commands to make the configuration effective:

10. A denial of service occurs after modifying the configuration file:

Obviously, because the front-end slogan has been changed from 22 to 52113, but it has not been changed in the session option of SecureCRT's Fast connection, it does not match and the natural connection will not work:

If you log in after modification, you will find that you can reconnect:

If the connection logged in on the unmodified port is still active and the connection will not be connected once logged out, if the port has been modified, the connection logged in with the unmodified port is still active.

This is the end of "how to optimize centos remote SSH connection". Thank you for reading. If you want to know more about the industry, you can follow the website, the editor will output more high-quality practical articles for you!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.