From 3d29ecb8767d923f79b82566fd57b08db76b8fc5 Mon Sep 17 00:00:00 2001 From: Silvino Silva Date: Sat, 15 Oct 2016 01:31:34 +0100 Subject: tools revision --- tools/openssh.html | 36 ++++++++++++++++++++++-------------- 1 file changed, 22 insertions(+), 14 deletions(-) (limited to 'tools/openssh.html') diff --git a/tools/openssh.html b/tools/openssh.html index 3fe72e3..d0a549c 100644 --- a/tools/openssh.html +++ b/tools/openssh.html @@ -2,11 +2,11 @@ - 1. OpenSSH + OpenSSH Tools Index -

1. OpenSSH

+

OpenSSH

OpenBSD Secure Shell, is a suite of security-related network-level utilities based on the SSH protocol, @@ -14,7 +14,7 @@ encryption of network traffic over multiple authentication methods and by providing secure tunneling capabilities.

-

1.1. Server

+

1. Server

Crux openssh port install this files to etc;

@@ -45,7 +45,7 @@ $ man sshd -

1.1.1. Configure Server

+

1.1. Configure Server

Read OpenSSH server Best Security Practices, @@ -68,7 +68,12 @@ #ListenAddress :: -

Authentication settings;

+
+        # The default requires explicit activation of protocol 1
+        Protocol 2
+        
+ +

Authentication settings;

         # Authentication:
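Review bot: The comment added above "Protocol 2" reads "The default requires explicit activation of protocol 1", which describes protocol 1 rather than the setting being made, and the new block has no introductory paragraph the way the next one has "Authentication settings;". Suggest a lead-in sentence stating that the server is restricted to SSH protocol 2, and rewording the comment to say the same, so a reader does not take it as an instruction to enable protocol 1.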
@@ -114,9 +119,10 @@
         Banner /etc/issue
         
+

1.2. Configure iptables

Iptables;

-

Example of iptable script

+

Example of system-iptables.sh

         $IPT -A INPUT  -i ${PUB_IF} -p tcp --dport 2222 --sport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
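Review bot: The new "1.2. Configure iptables" heading is followed only by "Iptables;" and a caption renamed to "Example of system-iptables.sh", with nothing saying where that script lives or how it is loaded. Suggest a sentence under the heading that points to the script's location and states that port 2222 in the rules has to match the port sshd listens on.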
@@ -124,6 +130,8 @@
         $IPT -A OUTPUT -o ${PUB_IF} -p tcp --sport 2222 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
         
+

1.3. Configure Syslog-ng

+

Change SyslogFacility in accordance with syslog-ng configuration;

@@ -154,7 +162,7 @@
         # ss -f inet -l -p | grep ssh
         
-

1.2. Client

+

2. Client

To create new key;

@@ -186,7 +194,7 @@ $ chmod 600 ~/.ssh/gitolite -

1.2.1. Install Public Keys

+

2.1. Install Public Keys

Send gitolite.pub public key to server. In this example bob (administrator of gitolite) is on same host, @@ -215,7 +223,7 @@ $ ssh -P 2222 bob@remote.org -

1.2.2. Configure Identities

+

2.2. Configure Identities

When you have multiple accounts/identities you can configure ssh client so you dont need to give @@ -270,7 +278,7 @@

Logout just detach from session with ctrl + b d

-

1.3. Reverse connection

+

3. Reverse connection

This information is inspired by Reverse SSH connections @@ -295,10 +303,10 @@ Tools Index

This is part of the c9-doc Manual. -Copyright (C) 2016 -c9 team. -See the file Gnu Free Documentation License -for copying conditions.

+ Copyright (C) 2016 + c9 team. + See the file Gnu Free Documentation License + for copying conditions.
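Review bot: In the hunk at "@@ -215,7 +223,7 @@" the context line reads "$ ssh -P 2222 bob@remote.org", but ssh takes its port with lowercase "-p" (uppercase "-P" is the scp form), so the documented command does not select port 2222. Since this revision already renumbers that section, suggest correcting the line to "$ ssh -p 2222 bob@remote.org" in the same change.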

-- cgit 1.4.1-2-gfad0