Linux¿Í»§¶ËʹÓÃSSHµÄÃüÁî¹ÜÀílinux·þÎñÆ÷

<!--
@page { margin: 2cm }
P { margin-bottom: 0.21cm }
TD P { margin-bottom: 0cm }
A:link { so-language: zxx }
-->
µÇ½£ºssh [hostname] 
ÊäÈëÃÜÂ룺*****
µÇ
½ÒÔºó¾Í¿ÉÒÔÏñ¿ØÖÆ×Ô¼ºµÄ»úÆ÷Ò»Ñù¿ØÖÆËüÁË£¬²»¹ýûÓпÉÊÓ»¯µÄ½çÃæ¡£²»¹ýÏÖÔÚ
ÎÒËùʹÓùýµÄÁ½¸ö°æ±¾Linux(SUSE
ºÍFC5)
ÖÐÓпÉÒÔʹÓÃÀàËÆFTP
½çÃæµÄ¹¤¾ß¡£Ê¹Óù¤¾ßÁ¬½Óʱ£¬Ñ¡ÔñSSH
£¬¶Ë¿ÚÊÇÌî·þÎñÆ÷µÄSSH
¶Ë¿Ú£¬Ä¬ÈÏÊÇ22
£¬µ«ÊÇ»¹ÊÇÒªÊÖ¹¤Ìîд¡£Á¬½ÓÉÏÒÔºóFTP
½çÃæºÍshell
ͬʱʹÓÿÉÒÔ
Ìá¸ß¹¤×÷ЧÂÊ¡£

# visudo
%wheel ALL=(ALL) ALL
# gpasswd -a user1 wheel
4)
ÏÞÖÆ ssh

ʹÓÃÕßÃûµ¥
# vi /etc/pam.d/sshd
auth required
pam_listfile.so item=user sense=allow file=/etc/ssh_users ōnerr=fail
# echo user1 >>
/etc/ssh_users
5)
·âËø ssh

Áª»ú²¢¸ÄÓà web
¿Ø¹ÜÇåµ¥
# iptables -I INPUT -p tcp
--dport 22 -j DROP
# mkdir
/var/www/html/ssh_open
# cat >
/var/www/html/ssh_open/.htaccess < AuthName "ssh_open"
AuthUserFile
/var/www/html/ssh_open/.htpasswd
AuthType basic
require valid-user
END
# htpasswd -c
/var/www/html/ssh_open/.htpasswd user1
(
×îºÃ»¹½« SSL

ÉèÆðÀ´,
»òÖ»ÏÞ
https
Áª»ú¸ü¼Ñ,

ÎÒÕâÀïÂÔ¹ý SSL
É趨,

Çë¶ÁÕß×Ô²¹.)
(
ÈçÐè¿ØÖÆÁª»úÀ´Ô´,

ÄÇÇëÔÙ²¹ Allow/Deny

ÏîÄ¿,
Ò²Çë¶ÁÕß×Ô²¹.)
# cat >
/var/www/html/ssh_open/ssh_open.php < //Set dir path for ip list
$dir_path=".";
//Set filename for ip list
$ip_list="ssh_open.txt";
//Get client ip
$user_ip=$_SERVER['REMOTE_ADDR'];
//allow specifying ip if
needed
if (@$_GET['myip']) {
$user_ip=$_GET['myip'];
}
//checking IP format
if
($user_ip==long2ip(ip2long($user_ip))) {
//Put client ip to a file
if(@!($file =
fopen("$dir_path/$ip_list","w+")))
{
echo "Permission
denied!!
";
echo "Pls Check your
rights to dir $dir_path or file $ip_list";
}
else
{
fputs($file,"$user_ip");
fclose($file);
echo "client
ip($user_ip) has put into $dir_path/$ip_list&quo