doc: sshd

2021-10-31 19:44:41 +03:00 · 2021-10-31 19:44:41 +03:00 · 88aa25d7bf
commit 88aa25d7bf
parent e2d5876f5d
1 changed files with 28 additions and 0 deletions
--- a/doc/ssh.md
+++ b/doc/ssh.md
@ -0,0 +1,28 @@
+`/etc/ssh/sshd_config`
+* Adding public key to remote machine :\
+     * ```ssh remotehost "umask 077; cat > .ssh/authorized_keys" < .ssh/id_rsa_backup.pub```
+     
+
+* Access for VPS:
+     * ```
+       PubkeyAuthentication yes
+       
+       PasswordAuthentication no
+       Match User root
+           PasswordAuthentication yes
+       ```
+
+* For local server:
+    * ```
+      PubkeyAuthentication yes  # only ssh-key
+      
+      PermitRootLogin no  # only sudo and su
+      Match Host 192.168.5.*,127.0.0.1
+          PermitRootLogin yes  # root only local
+      
+      PasswordAuthentication no
+      Match User root
+          PasswordAuthentication yes  # root auth only password from local
+      ```
+
+https://www.opennet.ru/base/sec/ssh_tips.txt.html