ssh サーバのインストール

Debian LS-AVL/A

そろそろ終わりか?
sshd をインストールする

インストールするパッケージは?

root@av:~# apt-cache search ssh | grep server
aolserver4-nssha1 - AOLserver4 module: performs SHA1 hashes Provides a Tcl
dropbear - lightweight SSH2 server and client
fwknop-server - FireWall KNock OPerator server side
ldm-server - server components for LTSP display manager
lsh-doc - Secure Shell v2 (SSH2) client / server / utilities documentation
lsh-server - Secure Shell v2 (SSH2) protocol server
libnet-ssh-gateway-ruby1.8 - Ruby library for tunneling connections to servers with ssh
libnet-ssh-gateway-ruby1.9.1 - Ruby library for tunneling connections to servers with ssh
libnet-ssh-gateway-ruby - Ruby library for tunneling connections to servers with ssh
mssh - tool to administrate multiple servers at once
openssh-server - secure shell (SSH) server, for secure access from remote machines
ssh-krb5 - secure shell client and server (transitional package)
ssh - secure shell client and server (metapackage)
proxychains - proxy chains - redirect connections through proxy servers
scanssh - get SSH server versions for an entire network
ssh-contact-service - establish SSH connections to your IM contacts using Telepathy (server)
sshm - A command-line tool to manage your ssh servers
vncsnapshot - A utility that takes JPEG snapshots from VNC servers
weirdx - X server in Java
root@av:~#
また、どれをインストールしたらよいかわからん。
openssh-server かな。

openssh-server のインストール

root@av:~# apt-get install openssh-server
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
  python2.6-minimal libgsasl7 libmailutils2 python2.6 guile-1.8-libs
  libpython2.6 libntlm0 libltdl7
Use 'apt-get autoremove' to remove them.
The following extra packages will be installed:
  libx11-6 libx11-data libxau6 libxcb1 libxdmcp6 libxext6 libxmuu1
  openssh-blacklist openssh-blacklist-extra openssh-client xauth
Suggested packages:
  ssh-askpass libpam-ssh keychain rssh molly-guard ufw
The following NEW packages will be installed:
  libx11-6 libx11-data libxau6 libxcb1 libxdmcp6 libxext6 libxmuu1
  openssh-blacklist openssh-blacklist-extra openssh-client openssh-server
  xauth
0 upgraded, 12 newly installed, 0 to remove and 0 not upgraded.
Need to get 6657 kB of archives.
After this operation, 15.5 MB of additional disk space will be used.
Do you want to continue [Y/n]? y
Get:1 http://ftp.jp.debian.org/debian/ squeeze/main openssh-blacklist all 0.4.1 [2125 kB]
Get:2 http://ftp.jp.debian.org/debian/ squeeze/main openssh-blacklist-extra all 0.4.1 [2127 kB]
Get:3 http://ftp.jp.debian.org/debian/ squeeze/main openssh-client armel 1:5.5p1-6+squeeze1 [939 kB]
Get:4 http://ftp.jp.debian.org/debian/ squeeze/main libxau6 armel 1:1.0.6-1 [15.9 kB]
Get:5 http://ftp.jp.debian.org/debian/ squeeze/main libxdmcp6 armel 1:1.0.3-2 [17.9 kB]
Get:6 http://ftp.jp.debian.org/debian/ squeeze/main libxcb1 armel 1.6-1 [40.1 kB]
Get:7 http://ftp.jp.debian.org/debian/ squeeze/main libx11-data all 2:1.3.3-4 [190 kB]
Get:8 http://ftp.jp.debian.org/debian/ squeeze/main libx11-6 armel 2:1.3.3-4 [796 kB]
Get:9 http://ftp.jp.debian.org/debian/ squeeze/main libxext6 armel 2:1.1.2-1 [41.1 kB]
Get:10 http://ftp.jp.debian.org/debian/ squeeze/main libxmuu1 armel 2:1.0.5-2 [15.2 kB]
Get:11 http://ftp.jp.debian.org/debian/ squeeze/main openssh-server armel 1:5.5p1-6+squeeze1 [319 kB]
Get:12 http://ftp.jp.debian.org/debian/ squeeze/main xauth armel 1:1.0.4-1 [31.5 kB]
Fetched 6657 kB in 2s (2259 kB/s)
Preconfiguring packages ...
Selecting previously deselected package openssh-blacklist.
(Reading database ... 18440 files and directories currently installed.)
Unpacking openssh-blacklist (from .../openssh-blacklist_0.4.1_all.deb) ...
Selecting previously deselected package openssh-blacklist-extra.
Unpacking openssh-blacklist-extra (from .../openssh-blacklist-extra_0.4.1_all.deb) ...
Selecting previously deselected package openssh-client.
Unpacking openssh-client (from .../openssh-client_1%3a5.5p1-6+squeeze1_armel.deb) ...
Selecting previously deselected package libxau6.
Unpacking libxau6 (from .../libxau6_1%3a1.0.6-1_armel.deb) ...
Selecting previously deselected package libxdmcp6.
Unpacking libxdmcp6 (from .../libxdmcp6_1%3a1.0.3-2_armel.deb) ...
Selecting previously deselected package libxcb1.
Unpacking libxcb1 (from .../libxcb1_1.6-1_armel.deb) ...
Selecting previously deselected package libx11-data.
Unpacking libx11-data (from .../libx11-data_2%3a1.3.3-4_all.deb) ...
Selecting previously deselected package libx11-6.
Unpacking libx11-6 (from .../libx11-6_2%3a1.3.3-4_armel.deb) ...
Selecting previously deselected package libxext6.
Unpacking libxext6 (from .../libxext6_2%3a1.1.2-1_armel.deb) ...
Selecting previously deselected package libxmuu1.
Unpacking libxmuu1 (from .../libxmuu1_2%3a1.0.5-2_armel.deb) ...
Selecting previously deselected package openssh-server.
Unpacking openssh-server (from .../openssh-server_1%3a5.5p1-6+squeeze1_armel.deb) ...
Selecting previously deselected package xauth.
Unpacking xauth (from .../xauth_1%3a1.0.4-1_armel.deb) ...
Processing triggers for man-db ...
Setting up openssh-blacklist (0.4.1) ...
Setting up openssh-blacklist-extra (0.4.1) ...
Setting up openssh-client (1:5.5p1-6+squeeze1) ...
Setting up libxau6 (1:1.0.6-1) ...
Setting up libxdmcp6 (1:1.0.3-2) ...
Setting up libxcb1 (1.6-1) ...
Setting up libx11-data (2:1.3.3-4) ...
Setting up libx11-6 (2:1.3.3-4) ...
Setting up libxext6 (2:1.1.2-1) ...
Setting up libxmuu1 (2:1.0.5-2) ...
Setting up openssh-server (1:5.5p1-6+squeeze1) ...
Creating SSH2 RSA key; this may take some time ...
Creating SSH2 DSA key; this may take some time ...
Restarting OpenBSD Secure Shell server: sshd.
Setting up xauth (1:1.0.4-1) ...
!root@av:~#

設定の変更

PasswordAuthentication no など。詳細非公開
root@av:~# cd /etc/ssh/
root@av:/etc/ssh# mv sshd_config{,.orig}
root@av:/etc/ssh# cp sshd_config.orig sshd_config
root@av:/etc/ssh#

sshd の再起動

root@av:/etc/ssh# /etc/init.d/ssh restart
Restarting OpenBSD Secure Shell server: sshd.
root@av:/etc/ssh#

確認

パスワード認証不可、DSA 鍵で認証可を確認。

ひと通りの設定完了?

さて、ひと通りの設定の確認はできたかな?
以前 VineLinux で外向きのサーバを構築した時とはいろいろ変わっていたが、 その確認ができた。


LS-AVL/A
楽天市場
Amazon
uWorks
ValuMore
Yahoo!ショッピング


apache の設定
ハックの記録
LinkStation/玄箱 をハックしよう

カーネルのコンパイル

Copyright (C) 2003-2012 Yasunari Yamashita. All Rights Reserved.
yasunari @ yamasita.jp 山下康成@京都府向日市