OpenSSH

Install

Portsからインストールし、デフォルトのSSHを置き換える。

Portsからインストール

# portmaster security/openssh-portable
                                               lqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqk
                                               x             Options for openssh-portable 5.2.p1_3,1                x
                                               x lqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqk x
                                               x x [X] PAM             Enable pam(3) support                      x x
                                               x x [X] TCP_WRAPPERS    Enable tcp_wrappers support                x x
                                               x x [X] LIBEDIT         Enable readline support to sftp(1)         x x
                                               x x [X] KERBEROS        Enable kerberos (autodetection)            x x
                                               x x [ ] SUID_SSH        Enable suid SSH (Recommended off)          x x
                                               x x [ ] BSM             Enable OpenBSM Auditing                    x x
                                               x x [ ] GSSAPI          Enable GSSAPI support (req: KERBEROS)      x x
                                               x x [ ] KERB_GSSAPI     Enable Kerberos/GSSAPI patch (req: GSSAPI) x x
                                               x x [X] OPENSSH_CHROOT  Enable CHROOT support                      x x
                                               x x [ ] HPN             Enable HPN-SSH patch                       x x
                                               x x [ ] LPK             Enable LDAP Public Key (LPK) patch         x x
                                               x x [ ] X509            Enable x509 certificate patch              x x
                                               x x [ ] FILECONTROL     Enable file control patch                  x x
                                               x x [X] OVERWRITE_BASE  OpenSSH overwrite base                     x x
                                               x x                                                                x x
                                               tqmqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqjqu
                                               x                       [  OK  ]       Cancel                        x
                                               mqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqj

Configure

公開鍵認証を行う。 Tera Termで公開鍵作成済みとする。

コンフィグファイルの設定

# vi /etc/ssh/sshd_config

Protocol 2
ServerKeyBits 2048
PermitRootLogin no
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
PasswordAuthentication no
PermitEmptyPasswords no
ChallengeResponseAuthentication no
AllowUsers foobar

Regist Key

鍵の登録を行う

#su - foobar
> mkdir ~/.ssh
> chmod 700 .ssh
> mv id_rsa.pub .ssh/authorized_keys
> chmod 600 .ssh/authorized_keys