{"id":52,"date":"2009-12-21T23:24:33","date_gmt":"2009-12-21T14:24:33","guid":{"rendered":"http:\/\/www.free-style.biz\/lifediary\/?p=52"},"modified":"2009-12-21T23:24:33","modified_gmt":"2009-12-21T14:24:33","slug":"ssh%e3%81%af%e4%be%bf%e5%88%a9%e3%81%a0%e3%81%91%e3%81%a9%e3%83%bb%e3%83%bb%e3%83%bb","status":"publish","type":"post","link":"https:\/\/www.free-style.biz\/lifediary\/?p=52","title":{"rendered":"SSH\u306f\u4fbf\u5229\u3060\u3051\u3069\u30fb\u30fb\u30fb"},"content":{"rendered":"<p>\u76f4\u63a5\u5165\u529b\u3059\u308b\u306e\u3082\u5927\u5909\u3067\u3059\u306e\u3067\u3001SSH\u3092\u5165\u308c\u307e\u3057\u3087\u3046\u3002<br \/>\nTera\u3000Term\u3067\u30ed\u30b0\u30a4\u30f3\u3059\u308c\u3070\u3001\u8cbc\u308a\u4ed8\u3051\u306a\u3069\u3067\u4f5c\u696d\u52b9\u7387\u3082\u30b0\u30c3\u3068\u4e0a\u304c\u308a\u307e\u3059\u3002<br \/>\nCentOS5.3\u306b\u306fSSH\u30b5\u30fc\u30d0\u30fc\u306f\u6700\u521d\u304b\u3089\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3055\u308c\u3066\u3044\u307e\u3059\u306e\u3067\u3001\u65e9\u901f\u8a2d\u5b9a\u3092\u59cb\u3081\u307e\u3057\u3087\u3046\u3002<br \/>\n# vi \/etc\/ssh\/sshd_config<br \/>\n\u6a19\u6e96\u30dd\u30fc\u30c8\u306f22\u756a\u3067\u3059\u304c\u3001\u9650\u3089\u308c\u305f\u4eba\u304c\u4f7f\u3046\u5834\u5408\u306f\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306e\u89b3\u70b9\u304b\u3089\u5909\u66f4\u3057\u307e\u3057\u3087\u3046\u3002<br \/>\n#Port 22<br \/>\n<strong>Port 10022<\/strong><br \/>\n\u30ed\u30b0\u30a4\u30f3\u3057\u305f\u3068\u304d\u306e\u30d0\u30ca\u30fc\u3092\u4f5c\u6210\u3057\u307e\u3059\u3002\u5a01\u5687\u7a0b\u5ea6\u306b\u3057\u304b\u306a\u308a\u307e\u305b\u3093\u304c\u30fb\u30fb\u30fb<br \/>\n#Banner \/some\/path<br \/>\n<strong>Banner \/etc\/ssh\/banner.txt<\/strong><br \/>\nSSH\u306f\u30d0\u30ca\u30fc\u306f\u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb\u5185\u3067\u306f\u306a\u304f\u3001\u5225\u30d5\u30a1\u30a4\u30eb\u306b\u8a18\u8ff0\u3057\u307e\u3059\u3002<br \/>\n\u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb\u306e\u6700\u5f8c\u306b\u30ed\u30b0\u30a4\u30f3\u3067\u304d\u308b\u30e6\u30fc\u30b6\u30fc\u3092\u8a18\u8ff0\u3057\u307e\u3057\u3087\u3046\u3002IP\u30a2\u30c9\u30ec\u30b9\u3092\u56fa\u5b9a\u3067\u304d\u308b\u306e\u3067\u3042\u308c\u3070\u3001root\u3082\u30a2\u30ea\u3067\u3059\u306d\u3002<br \/>\n<strong>AllowUsers root<\/strong><br \/>\n\u8a2d\u5b9a\u30d5\u30a1\u30a4\u30eb\u3092\u4fdd\u5b58\u3057\u3066\u3001\u30ed\u30b0\u30a4\u30f3\u6642\u306b\u8868\u793a\u3059\u308b\u30d0\u30ca\u30fc\u3092\u4f5c\u6210\u3057\u307e\u3059\u3002<br \/>\n# touch \/etc\/ssh\/banner.txt<br \/>\n# vi \/etc\/ssh\/banner.txt<br \/>\n<strong>Welcome! SSH Service. This login is recorded in the log.<\/strong><br \/>\n\u8a2d\u5b9a\u5f8c\u306b\u30c7\u30fc\u30e2\u30f3\u306e\u518d\u8d77\u52d5\u3057\u307e\u3059\u3002<br \/>\n# service sshd restart<br \/>\n\u30dd\u30fc\u30c8\u3092\u5909\u66f4\u3057\u305f\u5834\u5408\u306f\u518d\u63a5\u7d9a\u3057\u307e\u3059\u3001<br \/>\n\u305d\u308c\u3067\u306fTCPWrappers\u3092\u6b21\u306b\u8a2d\u5b9a\u3057\u307e\u3059\u3002CentOS\u306b\u306f\u6700\u521d\u304b\u3089\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3055\u308c\u3066\u3044\u307e\u3059\u3002\u3053\u306e\u6a5f\u80fd\u3067\u306f\u30c7\u30fc\u30e2\u30f3\u6bce\u306b\u5229\u7528\u3059\u308b\u74b0\u5883\u3092\u5236\u9650\u3057\u305f\u308a\u3001\u4ed8\u5c5e\u3057\u3066\u30a2\u30af\u30b7\u30e7\u30f3\u3092\u6307\u5b9a\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002<br \/>\n<a href=\"http:\/\/www.redhat.com\/docs\/manuals\/enterprise\/RHEL-4-Manual\/ja\/security-guide\/ch-server.html\" target=\"_blank\">http:\/\/www.redhat.com\/docs\/manuals\/enterprise\/RHEL-4-Manual\/ja\/security-guide\/ch-server.html<\/a><br \/>\n\u6ce8\u610f\u3059\u308b\u306e\u306f<u>\u518d\u8d77\u52d5\u306f\u4e0d\u8981<\/u>\u3068\u3044\u3046\u3053\u3068\uff01<br \/>\n\u4fdd\u5b58\u3068\u540c\u6642\u306b\u8a2d\u5b9a\u304c\u9069\u7528\u3055\u308c\u308b\u306e\u3067\u3001\u6ce8\u610f\u3057\u3066\u6700\u5f8c\u306e\u4fdd\u5b58\u306f\u30dc\u30bf\u30f3\u3092\u62bc\u3057\u3066\u304f\u3060\u3055\u3044\u306d\u3002<br \/>\n\u8a31\u53ef\u30d5\u30a1\u30a4\u30eb\u306bIP\u30a2\u30c9\u30ec\u30b9\u3068\u8a31\u53ef\u3055\u308c\u305f\u5834\u5408\u306b\u30ed\u30b0\u306b\u8a18\u9332\u3059\u308b\u30a2\u30af\u30b7\u30e7\u30f3\u3092\u8a18\u8ff0\u3057\u307e\u3059\u3002<br \/>\n# vi \/etc\/hosts.allow<br \/>\n<strong>sshd : 127.0.0.1 192.168.0. : banners \/etc\/banners\/<\/strong><br \/>\n\u8a18\u8ff0\u306f\u3001<u>(\u30c7\u30fc\u30e2\u30f3\u540d):\u8a31\u53ef\u3059\u308bIP\u30a2\u30c9\u30ec\u30b9:\u8a31\u53ef\u3055\u308c\u305f\u5834\u5408\u306e\u30a2\u30af\u30b7\u30e7\u30f3<\/u>\u3001\u3068\u3044\u3046\u9806\u3068\u306a\u308a\u307e\u3059\u3002<br \/>\n\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u7bc4\u56f2\u3067IP\u30a2\u30c9\u30ec\u30b9\u3092\u6307\u5b9a\u3059\u308b\u5834\u5408\u306f\u3001<br \/>\n<strong>192.168.0.<\/strong>  (\u6700\u5f8c\u306b\u300c.\u300d\u3092\u5fd8\u308c\u305a\u306b\uff01)<br \/>\n\u307e\u305f\u306f\u3001<br \/>\n<strong>192.168.0.0\/255.255.255.0<\/strong><br \/>\n\u3068\u8a18\u8ff0\u3057\u307e\u3059\u3002<br \/>\n\u3088\u304f\u3042\u308b 192.168.0.0\/24 \u306f\u30a8\u30e9\u30fc\u306b\u306a\u308b\u306e\u3067\u4f7f\u3048\u307e\u305b\u3093\u3002<br \/>\n\u62d2\u5426\u30d5\u30a1\u30a4\u30eb\u306bIP\u30a2\u30c9\u30ec\u30b9\u3068\u62d2\u5426\u3055\u308c\u305f\u5834\u5408\u306b\u30ed\u30b0\u306b\u8a18\u9332\u3059\u308b\u30a2\u30af\u30b7\u30e7\u30f3\u3092\u8a18\u8ff0\u3057\u307e\u3059\u3002<br \/>\n# vi \/etc\/hosts.deny<br \/>\n<strong>sshd : ALL : spawn \/bin\/echo `LANG=C \/bin\/date` from %h>> \/var\/log\/sshd_reject.log<\/strong><br \/>\n\u8a18\u8ff0\u306f\u3001<u>(\u30c7\u30fc\u30e2\u30f3\u540d):\u62d2\u5426\u3059\u308bIP\u30a2\u30c9\u30ec\u30b9:\u62d2\u5426\u3055\u308c\u305f\u5834\u5408\u306e\u30a2\u30af\u30b7\u30e7\u30f3<\/u>\u3001\u3068\u3044\u3046\u9806\u3068\u306a\u308a\u307e\u3059\u3002<br \/>\n\u4e0a\u8a18\u306e\u4f8b\u3067\u306f\u62d2\u5426\u3055\u308c\u305fIP\u30a2\u30c9\u30ec\u30b9\u3092\u30ed\u30b0\u306b\u8a18\u9332\u3057\u3066\u3044\u307e\u3059\u3002<br \/>\n\u3042\uff01\u305d\u3046\u305d\u3046<u>\u63a5\u7d9a\u30dd\u30fc\u30c8\u3092\u5909\u66f4\u3059\u308b\u5834\u5408\u306f\u3001SSH\u306e\u8a2d\u5b9a\u524d\u306b\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb\u3092\u505c\u6b62<\/u>\u3055\u305b\u3066\u304f\u3060\u3055\u3044\u306d\u3002<br \/>\n# service iptables stop<br \/>\n\u5916\u90e8\u304b\u3089\u63a5\u7d9a\u3057\u3066\u3044\u308b\u5834\u5408\u306f\u4f55\u3082\u3067\u304d\u306a\u304f\u306a\u3063\u3066\u3057\u307e\u3044\u307e\u3059\u3088\uff01<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u76f4\u63a5\u5165\u529b\u3059\u308b\u306e\u3082\u5927\u5909\u3067\u3059\u306e\u3067\u3001SSH\u3092\u5165\u308c\u307e\u3057\u3087\u3046\u3002 Tera\u3000Term\u3067\u30ed\u30b0\u30a4\u30f3\u3059\u308c\u3070\u3001\u8cbc\u308a\u4ed8\u3051\u306a\u3069\u3067\u4f5c\u696d\u52b9\u7387\u3082\u30b0\u30c3\u3068\u4e0a\u304c\u308a\u307e\u3059\u3002 CentOS5.3\u306b\u306fSSH\u30b5\u30fc\u30d0\u30fc\u306f\u6700\u521d\u304b\u3089\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3055\u308c\u3066\u3044\u307e\u3059\u306e\u3067\u3001\u65e9\u901f\u8a2d\u5b9a\u3092 &hellip; <a href=\"https:\/\/www.free-style.biz\/lifediary\/?p=52\" class=\"more-link\">\u7d9a\u304d\u3092\u8aad\u3080 <span class=\"screen-reader-text\">SSH\u306f\u4fbf\u5229\u3060\u3051\u3069\u30fb\u30fb\u30fb<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[12],"tags":[],"class_list":["post-52","post","type-post","status-publish","format-standard","hentry","category-linux"],"_links":{"self":[{"href":"https:\/\/www.free-style.biz\/lifediary\/index.php?rest_route=\/wp\/v2\/posts\/52","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.free-style.biz\/lifediary\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.free-style.biz\/lifediary\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.free-style.biz\/lifediary\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.free-style.biz\/lifediary\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=52"}],"version-history":[{"count":0,"href":"https:\/\/www.free-style.biz\/lifediary\/index.php?rest_route=\/wp\/v2\/posts\/52\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.free-style.biz\/lifediary\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=52"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.free-style.biz\/lifediary\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=52"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.free-style.biz\/lifediary\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=52"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}