ssh_config<\/p>\n
# Host * (\u53ea\u5bf9\u80fd\u591f\u5339\u914d\u540e\u9762\u5b57\u4e32\u7684\u8ba1\u7b97\u673a\u6709\u6548\u3002\u201c*\u201d\u8868\u793a\u6240\u6709\u7684\u8ba1\u7b97\u673a)
# ForwardAgent no (\u8bbe\u7f6e\u8fde\u63a5\u662f\u5426\u7ecf\u8fc7\u9a8c\u8bc1\u4ee3\u7406\uff08\u5982\u679c\u5b58\u5728\uff09\u8f6c\u53d1\u7ed9\u8fdc\u7a0b\u8ba1\u7b97\u673a)
# ForwardX11 no (\u8bbe\u7f6eX11\u8fde\u63a5\u662f\u5426\u88ab\u81ea\u52a8\u91cd\u5b9a\u5411\u5230\u5b89\u5168\u7684\u901a\u9053\u548c\u663e\u793a\u96c6)
# RhostsRSAAuthentication no (\u8bbe\u7f6e\u662f\u5426\u4f7f\u7528\u7528RSA\u7b97\u6cd5\u7684\u57fa\u4e8erhosts\u7684\u5b89\u5168\u9a8c\u8bc1)
# RSAAuthentication yes (\u8bbe\u7f6e\u662f\u5426\u4f7f\u7528RSA\u7b97\u6cd5\u8fdb\u884c\u5b89\u5168\u9a8c\u8bc1)
# PasswordAuthentication yes (\u8bbe\u7f6e\u662f\u5426\u4f7f\u7528\u53e3\u4ee4\u9a8c\u8bc1)
# HostbasedAuthentication no (\u82e5\u8bbe\u7f6e\u4e3ayes\uff0c\u5219\u5c1d\u8bd5\u7740\u8fdb\u884crhosts\u8eab\u4efd\u9a8c\u8bc1\u3002\u5bf9\u4e8e\u5b89\u5168\u8981\u6c42\u66f4\u9ad8\u7684\u7cfb\u7edf\uff0c\u8bf7\u5c06\u5176\u8bbe\u7f6e\u4e3ano\uff08\u9ed8\u8ba4\u503c\uff09)
# GSSAPIAuthentication no (ssh\u7684\u4f1a\u8bdd\u76f4\u5230DNS\u8bf7\u6c42\u8d85\u65f6\u624d\u4f1a\u7ee7\u7eed\u4e0b\u53bb,\u5efa\u610fno)
# GSSAPIDelegateCredentials no (ssh\u7684\u4f1a\u8bdd\u76f4\u5230DNS\u8bf7\u6c42\u8d85\u65f6\u624d\u4f1a\u7ee7\u7eed\u4e0b\u53bb,\u5efa\u610fno)
# BatchMode no (\u5982\u679c\u8bbe\u4e3a\u201cyes\u201d\uff0cpassphrase\/password\uff08\u4ea4\u4e92\u5f0f\u8f93\u5165\u53e3\u4ee4\uff09\u7684\u63d0\u793a\u5c06\u88ab\u7981\u6b62\u3002
\u5f53\u4e0d\u80fd\u4ea4\u4e92\u5f0f\u8f93\u5165\u53e3\u4ee4\u7684\u65f6\u5019\uff0c\u8fd9\u4e2a\u9009\u9879\u5bf9\u811a\u672c\u6587\u4ef6\u548c\u6279\u5904\u7406\u4efb\u52a1\u5341\u5206\u6709\u7528)
# CheckHostIP yes (\u8bbe\u7f6essh\u662f\u5426\u67e5\u770b\u8fde\u63a5\u5230\u670d\u52a1\u5668\u7684\u4e3b\u673a\u7684IP\u5730\u5740\u4ee5\u9632\u6b62DNS\u6b3a\u9a97\u3002\u5efa\u8bae\u8bbe\u7f6e\u4e3a\u201cyes\u201d)
# AddressFamily any (\u8bbe\u7f6e\u5141\u8bb8\u7684\u5730\u5740)
# ConnectTimeout 0 (\u8fde\u63a5\u8d85\u65f6)
# StrictHostKeyChecking ask (\u5982\u679c\u8bbe\u7f6e\u6210\u201cyes\u201d\uff0cssh\u5c31\u4e0d\u4f1a\u81ea\u52a8\u628a\u8ba1\u7b97\u673a\u7684\u5bc6\u5319\u52a0\u5165\u201c$HOME\/.ssh)
# IdentityFile ~\/.ssh\/identity (\u8bbe\u7f6e\u4ece\u54ea\u4e2a\u6587\u4ef6\u8bfb\u53d6\u7528\u6237\u7684RSA\u5b89\u5168\u9a8c\u8bc1\u6807\u8bc6)
# IdentityFile ~\/.ssh\/id_rsa
# IdentityFile ~\/.ssh\/id_dsa
# Port 22 (\u8bbe\u7f6e\u8fde\u63a5\u5230\u8fdc\u7a0b\u4e3b\u673a\u7684\u7aef\u53e3)
# Protocol 2,1 (\u8bbe\u7f6e\u534f\u8bae\u7248\u672c\uff0c\u5efa\u610f\u75282)
# Cipher 3des (\u8bbe\u7f6e\u52a0\u5bc6\u7528\u7684\u5bc6\u7801)
# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
# MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
# EscapeChar ~ (\u8bbe\u7f6eescape\u5b57\u7b26)
# Tunnel no (\u96a7\u9053\u6a21\u5f0f)
# TunnelDevice any:any
# PermitLocalCommand no
# VisualHostKey no<\/p><\/blockquote>\n=======================================================<\/p>\n
sshd_config<\/p>\n
#Port 22 (\u8bbe\u7f6esshd\u76d1\u542c\u7684\u7aef\u53e3\u53f7)
#AddressFamily any
#ListenAddress 0.0.0.0 (\u8bbe\u7f6esshd\u670d\u52a1\u5668\u7ed1\u5b9a\u7684IP\u5730\u5740)
#ListenAddress ::<\/p>\nProtocol 2 (\u8bbe\u7f6e\u534f\u8bae\u7248\u672c)<\/p>\n
# HostKey for protocol version 1
#HostKey \/etc\/ssh\/ssh_host_key (\u8bbe\u7f6e\u5305\u542b\u8ba1\u7b97\u673a\u79c1\u4eba\u5bc6\u5319\u7684\u6587\u4ef6)
# HostKeys for protocol version 2
#HostKey \/etc\/ssh\/ssh_host_rsa_key
#HostKey \/etc\/ssh\/ssh_host_dsa_key<\/p>\n# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h (KeyRegenerationInterval\u30003600)
#ServerKeyBits 1024 (\u5b9a\u4e49\u670d\u52a1\u5668\u5bc6\u5319\u7684\u4f4d\u6570)<\/p>\n# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH (\u8bbe\u7f6e\u5728\u8bb0\u5f55\u6765\u81easshd\u7684\u6d88\u606f\u7684\u65f6\u5019\uff0c\u662f\u5426\u7ed9\u51fa\u201cfacility\u3000code\u201d)
SyslogFacility AUTHPRIV
#LogLevel INFO (\u8bbe\u7f6e\u8bb0\u5f55sshd\u65e5\u5fd7\u6d88\u606f\u7684\u5c42\u6b21\u3002INFO\u662f\u4e00\u4e2a\u597d\u7684\u9009\u62e9\u3002\u67e5\u770bsshd\u7684man\u5e2e
\u52a9\u9875\uff0c\u5df2\u83b7\u53d6\u66f4\u591a\u7684\u4fe1\u606f)<\/p>\n# Authentication:<\/p>\n
#LoginGraceTime 2m (\u8bbe\u7f6e\u5982\u679c\u7528\u6237\u4e0d\u80fd\u6210\u529f\u767b\u5f55\uff0c\u5728\u5207\u65ad\u8fde\u63a5\u4e4b\u524d\u670d\u52a1\u5668\u9700\u8981\u7b49\u5f85\u7684\u65f6\u95f4)
#PermitRootLogin yes (\u8bbe\u7f6eroot\u80fd\u4e0d\u80fd\u7528ssh\u767b\u5f55\u3002\u8fd9\u4e2a\u9009\u9879\u4e00\u5b9a\u4e0d\u8981\u8bbe\u6210\u201cyes\u201d)
#StrictModes yes (\u8bbe\u7f6essh\u5728\u63a5\u6536\u767b\u5f55\u8bf7\u6c42\u4e4b\u524d\u662f\u5426\u68c0\u67e5\u7528\u6237\u5bb6\u76ee\u5f55\u548crhosts\u6587\u4ef6\u7684\u6743\u9650\u548c\u6240
\u6709\u6743\u3002\u8fd9\u901a\u5e38\u662f\u5fc5\u8981\u7684\uff0c\u56e0\u4e3a\u65b0\u624b\u7ecf\u5e38\u4f1a\u628a\u81ea\u5df1\u7684\u76ee\u5f55\u548c\u6587\u4ef6\u8bbe\u6210\u4efb\u4f55\u4eba\u90fd\u6709\u5199\u6743\u9650)
#MaxAuthTries 6 (\u9650\u5236\u767b\u9646\u5bc6\u7801\u8f93\u9519\u6b21\u6570)
#MaxSessions 10<\/p>\n#RSAAuthentication yes (\u8bbe\u7f6e\u662f\u5426\u5141\u8bb8\u7528rhosts\u6216\u201c\/etc\/hosts.equiv\u201d\u52a0\u4e0aRSA\u8fdb\u884c\u5b89\u5168\u9a8c\u8bc1)
#PubkeyAuthentication yes
#AuthorizedKeysFile .ssh\/authorized_keys<\/p>\n# For this to work you will also need host keys in \/etc\/ssh\/ssh_known_hosts
#RhostsRSAAuthentication no (\u8bbe\u7f6e\u662f\u5426\u5141\u8bb8\u7528rhosts\u6216\u201c\/etc\/hosts.equiv\u201d\u52a0\u4e0aRSA\u8fdb\u884c\u5b89\u5168\u9a8c\u8bc1)
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~\/.ssh\/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no (\u8bbe\u7f6essh\u3000daemon\u662f\u5426\u5728\u8fdb\u884cRhostsRSAAuthentication\u5b89\u5168\u9a8c\u8bc1
\u7684\u65f6\u5019\u5ffd\u7565\u7528\u6237\u7684\u201c$HOME\/.ssh\/known_hosts)
# Don't read the user's ~\/.rhosts and ~\/.shosts files
#IgnoreRhosts yes (\u8bbe\u7f6e\u9a8c\u8bc1\u7684\u65f6\u5019\u662f\u5426\u4f7f\u7528\u201crhosts\u201d\u548c\u201cshosts\u201d\u6587\u4ef6)<\/p>\n# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes (\u8bbe\u7f6e\u662f\u5426\u5141\u8bb8\u53e3\u4ee4\u9a8c\u8bc1)
#PermitEmptyPasswords no (\u8bbe\u7f6e\u662f\u5426\u5141\u8bb8\u7528\u53e3\u4ee4\u4e3a\u7a7a\u7684\u5e10\u53f7\u767b\u5f55)
PasswordAuthentication yes<\/p>\n# Change to no to disable s\/key passwords
#ChallengeResponseAuthentication yes
ChallengeResponseAuthentication no<\/p>\n# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no<\/p>\n# GSSAPI options
#GSSAPIAuthentication no
GSSAPIAuthentication yes
#GSSAPICleanupCredentials yes
GSSAPICleanupCredentials yes<\/p>\n# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
#UsePAM no
UsePAM yes<\/p>\n# Accept locale-related environment variables
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE<\/p>\n#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no (\u8bbe\u7f6e\u662f\u5426\u5141\u8bb8X11\u8f6c\u53d1)
X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes (\u8bbe\u7f6esshd\u662f\u5426\u5728\u7528\u6237\u767b\u5f55\u7684\u65f6\u5019\u663e\u793a\u201c\/etc\/motd\u201d\u4e2d\u7684\u4fe1\u606f)
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#ShowPatchLevel no
#UseDNS yes
#PidFile \/var\/run\/sshd.pid
#MaxStartups 10 (\u540c\u65f6\u767b\u5f55\u7684\u7528\u6237\u7684\u4e2a\u6570)
#PermitTunnel no
#ChrootDirectory none (ChrootDirectory \/home\/%u\u6539\u53d8\u767b\u9646\u8005\u7684\u76ee\u5f55)<\/p>\n# no default banner path
#Banner none<\/p>\n# override default of no subsystems
Subsystem sftp \/usr\/libexec\/openssh\/sftp-server<\/p>\n# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
# ForceCommand cvs server<\/p><\/blockquote>\n","protected":false},"excerpt":{"rendered":"ssh_config # Host * (\u53ea\u5bf9\u80fd\u591f\u5339\u914d\u540e\u9762\u5b57\u4e32\u7684\u8ba1\u7b97\u673a\u6709\u6548\u3002\u201c*\u201d\u8868\u793a\u6240 […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-136","post","type-post","status-publish","format-standard","hentry","category-linux"],"_links":{"self":[{"href":"https:\/\/www.kumouse.com\/index.php?rest_route=\/wp\/v2\/posts\/136","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kumouse.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kumouse.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kumouse.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kumouse.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=136"}],"version-history":[{"count":0,"href":"https:\/\/www.kumouse.com\/index.php?rest_route=\/wp\/v2\/posts\/136\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.kumouse.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=136"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kumouse.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=136"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kumouse.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=136"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}