├── README.md └── centos7x64 ├── auth.ssh ├── authorized_keys └── sshd_config /README.md: -------------------------------------------------------------------------------- 1 | # Centos 2 | 3 | ``` 4 | yum -y install git \ 5 | && git clone https://github.com/speed/ssh.git \ 6 | && sh ssh/centos7x64/auth.ssh 7 | ``` 8 | 9 | # Ubuntu 10 | ``` 11 | apt-get -y update \ 12 | && apt-get -y install git-core \ 13 | && git clone https://github.com/speed/ssh.git \ 14 | && sh ssh/centos7x64/auth.ssh 15 | ``` 16 | -------------------------------------------------------------------------------- /centos7x64/auth.ssh: -------------------------------------------------------------------------------- 1 | mkdir ~/.ssh 2 | 3 | \cp /etc/ssh/sshd_config /etc/ssh/sshd_config_bak 4 | 5 | \cp ~/ssh/centos7x64/sshd_config ~/ssh/centos7x64/sshd_config_bak 6 | 7 | grep 'Port ' /etc/ssh/sshd_config >> ~/ssh/centos7x64/sshd_config_bak 8 | 9 | \cp ~/ssh/centos7x64/authorized_keys .ssh/authorized_keys 10 | \cp ~/ssh/centos7x64/sshd_config_bak /etc/ssh/sshd_config 11 | 12 | systemctl restart sshd 13 | -------------------------------------------------------------------------------- /centos7x64/authorized_keys: -------------------------------------------------------------------------------- 1 | ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAjBXMGsuMHVJH5ydhgtJ4WudWV2o6kQ4e6rZ5PFcXf/+6b1MlIWVOmB0Btwlpg8IKq8kjQ2r+w2LRKUl2mMeRRNbkgsLmSfLsZ0TqwFMTts6xKqcxpHjkMPIiCT/zOeKjvzK5TPRlB4fGEm9V2mJXNM//MqByjn+z2vNCBPCWv2UJWbJ9Xu8Td5nWvnjjqZwxGKDFo0VAvVNy8V0CZ1Pc0TNYkIArW6V6Vblq89K+v7Ffr2avIzK2hLSfnoCmmXYQ+pggyWjTBW+35GRHKtQvr40uB8+xi+bGQkQCDyMk7wHBwf58E44umy+pRbfsMfyTBPOTY/Y2FkZuHw9TSC4YJQ== rsa-key-20161104 2 | -------------------------------------------------------------------------------- /centos7x64/sshd_config: -------------------------------------------------------------------------------- 1 | # $OpenBSD: sshd_config,v 1.93 2014/01/10 05:59:19 djm Exp $ 2 | 3 | # This is the sshd server system-wide configuration file. See 4 | # sshd_config(5) for more information. 5 | 6 | # This sshd was compiled with PATH=/usr/local/bin:/usr/bin 7 | 8 | # The strategy used for options in the default sshd_config shipped with 9 | # OpenSSH is to specify options with their default value where 10 | # possible, but leave them commented. Uncommented options override the 11 | # default value. 12 | 13 | # If you want to change the port on a SELinux system, you have to tell 14 | # SELinux about this change. 15 | # semanage port -a -t ssh_port_t -p tcp #PORTNUMBER 16 | # 17 | # 18 | #AddressFamily any 19 | #ListenAddress 0.0.0.0 20 | #ListenAddress :: 21 | 22 | # The default requires explicit activation of protocol 1 23 | Protocol 2 24 | 25 | # HostKey for protocol version 1 26 | #HostKey /etc/ssh/ssh_host_key 27 | # HostKeys for protocol version 2 28 | HostKey /etc/ssh/ssh_host_rsa_key 29 | #HostKey /etc/ssh/ssh_host_dsa_key 30 | HostKey /etc/ssh/ssh_host_ecdsa_key 31 | HostKey /etc/ssh/ssh_host_ed25519_key 32 | 33 | # Lifetime and size of ephemeral version 1 server key 34 | #KeyRegenerationInterval 1h 35 | ServerKeyBits 1024 36 | 37 | # Ciphers and keying 38 | #RekeyLimit default none 39 | 40 | # Logging 41 | # obsoletes QuietMode and FascistLogging 42 | #SyslogFacility AUTH 43 | SyslogFacility AUTHPRIV 44 | #LogLevel INFO 45 | 46 | # Authentication: 47 | 48 | #LoginGraceTime 2m 49 | # 50 | #StrictModes yes 51 | #MaxAuthTries 6 52 | #MaxSessions 10 53 | 54 | #RSAAuthentication yes 55 | #PubkeyAuthentication yes 56 | 57 | # The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2 58 | # but this is overridden so installations will only check .ssh/authorized_keys 59 | AuthorizedKeysFile .ssh/authorized_keys 60 | 61 | #AuthorizedPrincipalsFile none 62 | 63 | #AuthorizedKeysCommand none 64 | #AuthorizedKeysCommandUser nobody 65 | 66 | # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts 67 | #RhostsRSAAuthentication no 68 | # similar for protocol version 2 69 | #HostbasedAuthentication no 70 | # Change to yes if you don't trust ~/.ssh/known_hosts for 71 | # RhostsRSAAuthentication and HostbasedAuthentication 72 | #IgnoreUserKnownHosts no 73 | # Don't read the user's ~/.rhosts and ~/.shosts files 74 | #IgnoreRhosts yes 75 | 76 | # To disable tunneled clear text passwords, change to no here! 77 | #PasswordAuthentication yes 78 | PermitEmptyPasswords no 79 | PasswordAuthentication no 80 | 81 | # Change to no to disable s/key passwords 82 | #ChallengeResponseAuthentication yes 83 | ChallengeResponseAuthentication no 84 | 85 | # Kerberos options 86 | #KerberosAuthentication no 87 | #KerberosOrLocalPasswd yes 88 | #KerberosTicketCleanup yes 89 | #KerberosGetAFSToken no 90 | #KerberosUseKuserok yes 91 | 92 | # GSSAPI options 93 | GSSAPIAuthentication yes 94 | GSSAPICleanupCredentials no 95 | #GSSAPIStrictAcceptorCheck yes 96 | #GSSAPIKeyExchange no 97 | #GSSAPIEnablek5users no 98 | 99 | # Set this to 'yes' to enable PAM authentication, account processing, 100 | # and session processing. If this is enabled, PAM authentication will 101 | # be allowed through the ChallengeResponseAuthentication and 102 | # PasswordAuthentication. Depending on your PAM configuration, 103 | # PAM authentication via ChallengeResponseAuthentication may bypass 104 | # the setting of "PermitRootLogin without-password". 105 | # If you just want the PAM account and session checks to run without 106 | # PAM authentication, then enable this but set PasswordAuthentication 107 | # and ChallengeResponseAuthentication to 'no'. 108 | # WARNING: 'UsePAM no' is not supported in Red Hat Enterprise Linux and may cause several 109 | # problems. 110 | UsePAM yes 111 | 112 | #AllowAgentForwarding yes 113 | #AllowTcpForwarding yes 114 | #GatewayPorts no 115 | X11Forwarding no 116 | #X11DisplayOffset 10 117 | #X11UseLocalhost yes 118 | #PermitTTY yes 119 | #PrintMotd yes 120 | #PrintLastLog yes 121 | #TCPKeepAlive yes 122 | #UseLogin no 123 | UsePrivilegeSeparation sandbox # Default for new installations. 124 | #PermitUserEnvironment no 125 | #Compression delayed 126 | #ClientAliveInterval 0 127 | #ClientAliveCountMax 3 128 | #ShowPatchLevel no 129 | #UseDNS yes 130 | #PidFile /var/run/sshd.pid 131 | #MaxStartups 10:30:100 132 | #PermitTunnel no 133 | #ChrootDirectory none 134 | #VersionAddendum none 135 | 136 | # no default banner path 137 | #Banner none 138 | 139 | # Accept locale-related environment variables 140 | AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES 141 | AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT 142 | AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE 143 | AcceptEnv XMODIFIERS 144 | 145 | # override default of no subsystems 146 | Subsystem sftp /usr/libexec/openssh/sftp-server 147 | 148 | # Example of overriding settings on a per-user basis 149 | #Match User anoncvs 150 | # X11Forwarding no 151 | # AllowTcpForwarding no 152 | # PermitTTY no 153 | # ForceCommand cvs server 154 | 155 | PermitRootLogin yes 156 | --------------------------------------------------------------------------------