
CentOS Remote Administration Security Settings

2025-01-16 Update From: SLTechnology News&Howtos shulou


Shulou(Shulou.com)06/01 Report--

1. Change the default SSH remote port 22

Assuming the remote port is to be changed to 10022, edit the following two configuration files:

# vim /etc/ssh/ssh_config

# vim /etc/ssh/sshd_config

Find the line #Port 22 and add Port 10022 below it.

Then restart sshd

# service sshd restart

2. Prohibit root from logging in remotely through ssh

# vim /etc/ssh/sshd_config

Find PermitRootLogin, change the yes after it to no, and remove the leading # comment marker so that root can no longer log in remotely.

You can still log in with an ordinary account. When you need root, use the command su root to switch to the root account.

3. Restrict users' SSH access

Suppose that only the users root, user1 and user2 should be able to use the system through SSH. Add the following line to the sshd_config configuration file:

# vim /etc/ssh/sshd_config

AllowUsers root user1 user2

4. Configure the idle timeout exit interval

Users can log in to the server through ssh, and you can set an idle timeout interval.

Open the sshd_config configuration file and set it to the following.

# vim /etc/ssh/sshd_config

ClientAliveInterval 600

ClientAliveCountMax 0

The idle timeout interval set in the above example is 600 seconds, or 10 minutes.

After this time, idle users are automatically disconnected (that is, logged out).
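
The sshd_config settings from steps 1 to 4 can be checked with a short audit script. This is an added example, not part of the original article: the function names and both sample configurations are constructed for illustration, and it assumes whitespace-separated "Keyword value" lines with ClientAliveInterval given in plain seconds.

```shell
#!/bin/sh
# Added example: audit an sshd_config for the settings from steps 1-4.
# Function names and both sample configs are constructed for illustration.

# Print the effective global value of KEYWORD in FILE. sshd keywords are
# case-insensitive and the first occurrence wins; comments are ignored and
# the global section ends at the first Match block.
sshd_effective() {
    awk -v k="$1" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        tolower($1) == "match"    { exit }
        tolower($1) == tolower(k) { $1 = ""; sub(/^[ \t]+/, ""); print; exit }
    ' "$2"
}

# Print one line per finding; the return status is the number of failures.
audit_sshd() {
    f=$1; fails=0
    port=$(sshd_effective Port "$f")
    root=$(sshd_effective PermitRootLogin "$f")
    users=$(sshd_effective AllowUsers "$f")
    idle=$(sshd_effective ClientAliveInterval "$f")   # assumed plain seconds
    [ "${port:-22}" != 22 ] || { echo "FAIL Port is still 22"; fails=$((fails + 1)); }
    [ "$root" = no ] || { echo "FAIL PermitRootLogin is '${root:-unset}'"; fails=$((fails + 1)); }
    [ -n "$users" ] || { echo "FAIL no AllowUsers list"; fails=$((fails + 1)); }
    [ "${idle:-0}" -gt 0 ] || { echo "FAIL ClientAliveInterval not set"; fails=$((fails + 1)); }
    # Both checks apply at login, so a root entry in AllowUsers is inert
    # once PermitRootLogin is no.
    case " $users " in
        *" root "*) [ "$root" != no ] || echo "NOTE AllowUsers lists root, but PermitRootLogin no still blocks it" ;;
    esac
    return "$fails"
}

# Constructed sample configs: a stock-like file and one following steps 1-4.
sample_weak() { printf '%s\n' '#Port 22' '#PermitRootLogin no' 'PermitRootLogin yes'; }
sample_hardened() {
    printf '%s\n' 'Port 10022' '#PermitRootLogin yes' 'PermitRootLogin no' \
        'AllowUsers root user1 user2' 'ClientAliveInterval 600' \
        'ClientAliveCountMax 0' 'port 22'   # later duplicate: first Port wins
}

tmp=$(mktemp)
sample_hardened > "$tmp"
audit_sshd "$tmp" && echo "OK: matches steps 1-4"
rm -f "$tmp"
```

Point audit_sshd at /etc/ssh/sshd_config before restarting sshd. The script only checks that the directives are present; on OpenSSH 8.2 and later, ClientAliveCountMax 0 disables connection termination instead of disconnecting idle sessions, so confirm the installed version with ssh -V.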

5. Allow only a specific IP to log in to the server remotely

# vim /etc/hosts.deny

Add the line sshd:ALL to it.

# vim /etc/hosts.allow

Add the line sshd:192.168.1.1 (only the IP 192.168.1.1 is allowed to log in to the server remotely).

Finally, restart the ssh service: /etc/init.d/sshd restart

Give an ordinary user root permission

1) Enter superuser mode. That is, type "su -"; the system asks for the superuser password, and entering it puts you in superuser mode. (Of course, you can also log in as root directly.)

2) Add write permission to the file. That is, enter the command "chmod u+w /etc/sudoers".

3) Edit the /etc/sudoers file. That is, enter the command "vim /etc/sudoers", type "i" to enter edit mode, find the line "root ALL=(ALL) ALL", add "xxx ALL=(ALL) ALL" below it (where xxx is your user name), and then save and exit (press the ESC key first, then type ":wq").

4) Revoke the write permission of the file. That is, enter the command "chmod u-w /etc/sudoers".
