• Kali配置SSH及开机自启


          修改sshd_config文件,命令如下:

    vi /etc/ssh/sshd_config

          我的配置文件如下:

    # Package generated configuration file
    
    # See the sshd_config(5) manpage for details
    
    # What ports, IPs and protocols we listen for
    
    Port 22
    
    # Use these options to restrict which interfaces/protocols sshd will bind to
    
    #ListenAddress ::
    
    #ListenAddress 0.0.0.0
    
    Protocol 2
    
    # HostKeys for protocol version 2
    
    HostKey /etc/ssh/ssh_host_rsa_key
    
    HostKey /etc/ssh/ssh_host_dsa_key
    
    HostKey /etc/ssh/ssh_host_ecdsa_key
    
    #Privilege Separation is turned on for security
    
    UsePrivilegeSeparation yes
    
    # Lifetime and size of ephemeral version 1 server key
    
    KeyRegenerationInterval 3600
    
    ServerKeyBits 768
    
    # Logging
    
    SyslogFacility AUTH
    
    LogLevel INFO
    
    # Authentication:
    
    LoginGraceTime 120
    
    PermitRootLogin yes
    
    StrictModes yes
    
    RSAAuthentication yes
    
    PubkeyAuthentication yes
    
    #AuthorizedKeysFile	%h/.ssh/authorized_keys
    
    # Don't read the user's ~/.rhosts and ~/.shosts files
    
    IgnoreRhosts yes
    
    # For this to work you will also need host keys in /etc/ssh_known_hosts
    
    RhostsRSAAuthentication no
    
    # similar for protocol version 2
    
    HostbasedAuthentication no
    
    # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
    
    #IgnoreUserKnownHosts yes
    
    # To enable empty passwords, change to yes (NOT RECOMMENDED)
    
    PermitEmptyPasswords no
    
    # Change to yes to enable challenge-response passwords (beware issues with
    
    # some PAM modules and threads)
    
    ChallengeResponseAuthentication no
    
    # Change to no to disable tunnelled clear text passwords
    
    PasswordAuthentication yes
    
    # Kerberos options
    
    #KerberosAuthentication no
    
    #KerberosGetAFSToken no
    
    #KerberosOrLocalPasswd yes
    
    #KerberosTicketCleanup yes
    
    # GSSAPI options
    
    #GSSAPIAuthentication no
    
    #GSSAPICleanupCredentials yes
    
    X11Forwarding yes
    
    X11DisplayOffset 10
    
    PrintMotd no
    
    PrintLastLog yes
    
    TCPKeepAlive yes
    
    #UseLogin no
    
    #MaxStartups 10:30:60
    
    #Banner /etc/issue.net
    
    # Allow client to pass locale environment variables
    
    AcceptEnv LANG LC_*
    
    Subsystem sftp /usr/lib/openssh/sftp-server
    
    # Set this to 'yes' to enable PAM authentication, account processing,
    
    # and session processing. If this is enabled, PAM authentication will
    
    # be allowed through the ChallengeResponseAuthentication and
    
    # PasswordAuthentication.  Depending on your PAM configuration,
    
    # PAM authentication via ChallengeResponseAuthentication may bypass
    
    # the setting of "PermitRootLogin without-password".
    
    # If you just want the PAM account and session checks to run without
    
    # PAM authentication, then enable this but set PasswordAuthentication
    
    # and ChallengeResponseAuthentication to 'no'.
    
    UsePAM yes

          启动SSH服务,命令及图示如下:

    /etc/init.d/ssh start 

    4 

          验证SSH服务状态,命令及图示如下:

    /etc/init.d/ssh status
    5

          这样,就可以连上SSH了。为了避免每次都要开启ssh服务,设置一下开机自启。命令如下:

    update-rc.d ssh enable

     

  • 相关阅读:
    请朋友做事,须以名誉为限,为朋友做事,亦须以名誉为限
    这世上总有一些人记得你,关注着你,牵挂着你
    杏花春雨已不再,牧童遥指已不再,剑门细雨渭城轻尘也都已不再
    如果要你做鲁滨逊,你会选第三型还是第二型的朋友做“礼拜五”呢
    人类最不能伤害的就是自尊
    单靠理论和教训是无济于事的
    交真朋友已是件比较奢侈的事儿
    他一定是一个懂生活、懂人生,爱自己、爱别人的人
    国子监,就是从前的大学
    只有把理想和现实有机结合起来,才有可能成为一个成功之人
  • 原文地址:https://www.cnblogs.com/hiccup/p/4377484.html
Copyright © 2020-2023  润新知