Differences
This shows you the differences between two versions of the page.
— | openssh [2016/02/19 20:16] (current) – created - external edit 127.0.0.1 | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== OpenSSH ====== | ||
+ | * [[dropbear]] | ||
+ | * [[libressl]] | ||
+ | * [[monit]] | ||
+ | * [[openssl]] | ||
+ | * [[SSH]] | ||
+ | |||
+ | * [[ftp:// | ||
+ | * [[http:// | ||
+ | * [[https:// | ||
+ | * [[http:// | ||
+ | |||
+ | === Server Configuration === | ||
+ | |||
+ | OpenSSH requires that users be in the '' | ||
+ | |||
+ | A public key is recommended, | ||
+ | |||
+ | < | ||
+ | # A barebones sshd_config | ||
+ | PermitRootLogin no | ||
+ | PasswordAuthentication no | ||
+ | UsePAM no | ||
+ | PrintMotd no | ||
+ | PrintLastLog no | ||
+ | Subsystem | ||
+ | AllowGroups ssh-users | ||
+ | </ | ||
+ | |||
+ | === User Configuration === | ||
+ | |||
+ | Don't hash known_hosts so that bash completion will work. Add to '' | ||
+ | < | ||
+ | HashKnownHosts no | ||
+ | </ | ||
+ | |||
+ | Decide which public key to use. Also see [[http:// | ||
+ | |||
+ | < | ||
+ | IdentityFile ~/ | ||
+ | </ | ||
+ | |||
+ | === OS X === | ||
+ | |||
+ | SSHD must be enabled in '' | ||
+ | |||
+ | * Block all incoming connections (unchecked) | ||
+ | * Remote Login (SSH) - Allow incoming connections | ||
+ | |||
+ | The config file for OS X for SSHD is located at ''/ | ||
+ | |||
+ | Add these lines to the config file: | ||
+ | |||
+ | < | ||
+ | PermitRootLogin no | ||
+ | PasswordAuthentication no | ||
+ | UsePAM no | ||
+ | AllowUsers < | ||
+ | </ | ||
+ | |||
+ | Then restart the SSH server manually from Terminal: | ||
+ | |||
+ | < | ||
+ | launchctl stop com.openssh.sshd | ||
+ | launchctl start com.openssh.sshd | ||
+ | </ | ||
+ | |||
+ | === Building from Source === | ||
+ | |||
+ | Use the local copy of OpenSSL: | ||
+ | |||
+ | < | ||
+ | ./configure --with-ssl-dir=/ | ||
+ | </ | ||
+ | |||
+ | If looking for '' |