Home / Unlabelled / Ganti port dan seting private key untuk ssh centos 7

Ganti port dan seting private key untuk ssh centos 7



Ganti Port
===============================
First Take a backup copy of the existing SSH server configuration :
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
Now Edit the configuration file :
vim /etc/ssh/sshd_config
and change the Port number from 22 to any custom port you choose :
Port 2244
Save the file with :wq!
# If you want to change the port on a SELinux system, you have to tell
# SELinux about this change.
# semanage port -a -t ssh_port_t -p tcp #PORTNUMBER
#
Example Case :
you need to install policycoreutils package to run the semanage command. to do this :
yum -y install policycoreutils-python
now update SeLinux policy to allow new port for SSH service. to do this, run below :
semanage port -a -t ssh_port_t -p tcp 2244
now you need to update Firewall policy to allow new SSH Port, to do this run below :
firewall-cmd --permanent --zone=public --add-port=2244/tcp
firewall-cmd --reload
systemctl restart sshd.service
to Check the service status, run below :
ss -tnlp | grep ssh

Setting Private key

===============================



Once you have access to your account on the remote server, you should make sure the ~/.ssh directory exists. This command will create the directory if necessary, or do nothing if it already exists:


    

  • mkdir -p ~/.ssh
    • 




copykan atau buat file authorized_keys dengan isi public key yang akan di gunakan.




    

  • vi authorized_keys
    • 








Finally, we’ll ensure that the ~/.ssh directory and authorized_keys file have the appropriate permissions set:


    

  • chmod -R go= ~/.ssh

    • 






This recursively removes all “group” and “other” permissions for the ~/.ssh/ directory.



If you’re using the root account to set up keys for a user account, it’s also important that the ~/.sshdirectory belongs to the user and not to root:


    

  • chown -R sammy:sammy ~/.ssh

    • 






In this tutorial our user is named sammy but you should substitute the appropriate username into the above command.



We can now attempt passwordless authentication with our Ubuntu server.



cara login ssh








    

  • chown -R sammy: sudo ssh -i path_private_key_disimpan -p port user@IP_yang_dituju
    • 













Ganti port dan seting private key untuk ssh centos 7 
Ganti port dan seting private key untuk ssh centos 7 
 
        Reviewed by ilham.sp
        on 
        
July 09, 2018

 
        Rating: 5















You May Also Like





    







      

    






No comments:






































Subscribe to:

Post Comments
                      (
                      Atom
                      )
                    


















          



            
          



Notice




This site uses cookies from Google to deliver its services, to personalise ads and to analyse traffic. Information about your use of this site is shared with Google. By using this site, you agree to its use of cookies.Learn More














































Powered by Blogger.