【FreeBSD】安全性设置

Posted by 西维蜀黍 on 2021-04-29, Last Modified on 2021-09-21

SSH

Disable Root SSH

$ vim /etc/ssh/sshd_config

# To disable direct root SSH login, you need to add following to /etc/ssh/sshd_config
PermitRootLogin no

# To enable direct root SSH login, you need to add following to /etc/ssh/sshd_config
PermitRootLogin yes

# After you do the changes, save and exit. Then restart sshd.
$ /etc/rc.d/sshd onerestart
Performing sanity check on sshd configuration.
Stopping sshd.
Waiting for PIDS: 2021.
Performing sanity check on sshd configuration.
Starting sshd.

If error:

$ /etc/rc.d/sshd restart
Performing sanity check on sshd configuration.
No host key files found

# Before generate your ssh keygen
$ ls /etc/ssh
moduli		ssh_config	sshd_config

$ ssh-keygen -A

$ ls /etc/ssh
moduli				ssh_host_dsa_key.pub		ssh_host_ed25519_key		ssh_host_rsa_key.pub
ssh_config			ssh_host_ecdsa_key		ssh_host_ed25519_key.pub	sshd_config
ssh_host_dsa_key		ssh_host_ecdsa_key.pub		ssh_host_rsa_key

Reference