1. Disable Root Login
yang nih bahaya jugak tapi korang leh wat disable.. sebab kalu Linux dia ada login Root.. Dalam Gentoo dia dalam /etc/ssh/sshd_config..
PermitRootLogin no
2. pastuh korang tukar port korang jugakk.. dari 22 mungkin ker 2837 ker apa ker.. ikut suka... dalam /etc/ssh/sshd_config
Port 2199
Protocol 2
#ListenAddress 0.0.0.0
#ListenAddress ::
3. Guner kan SSH Public/Private Key Authentication (agak complekss)
apa yang korang perlukan adalah Putty
dan jangan luper PuttyGen (Putty Key Generator Tool to save Private key)
3.1 korang edit pada /etc/ssh/sshd_config pastuh uncomment line tersebut
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
3.2 anggap nix adalah korangnya username. kite generate key public dan private
[nix@servnix ~]$ ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/home/nix/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/nix/.ssh/id_dsa.
Your public key has been saved in /home/nix/.ssh/id_dsa.pub.
The key fingerprint is:
a9:22:30:c4:ed:df:1c:e5:7b:3c:53:b4:82:aa:33:18 nix@servnix.org
kalu korang pasan
id_dsa -> private key disimpan dalam /home/
id_dsa.pub -> yang nih public key /home/
3.3 Downloading Private Key to Putty (SSH client)
kite akan download key dari server dan jadikan dia dalam file .ppk (putty private key file)
Ingat korang kene tau public key akan disimpan dalam server jugak ok? (dalam home/
3.4 buka file id_dsa dan simpan dalam pvtkey.txt.
pastuh Start puttygen.exe > Load Existing Private Key > privkey.txt > Save Private Key
Save private key as privkey.ppk
last step yek... korang copy private key tadi ke server
cd /home/
mv ida_dsa.pub authorized_keys
pastuh korang leh delete id_dsa and id_dsa.pub...
siap!
No comments:
Post a Comment