新浪博客

sshd_config 中PermitRootLogin的作用

2015-11-03 12:39阅读:

http://blog.sina.cn/dpool/blog/u/2042686343

sshd_config 中PermitRootLogin的作用
$ grep PermitRootLogin /etc/ssh/sshd_config
#PermitRootLogin yes
PermitRootLogin forced-commands-only
# the setting of 'PermitRootLogin without-password'.
PermitRootLogin如果不设置,默认是yes,也就是root可以登录
如果设置without-password 那么root可以登录,但是不允许通过密码ssh登陆
如果设置no, root不许登陆
如果设置forced-commands-only,则可以登录,但是登陆后不能进入交互,而是执行指定的命令后 自动退出,指定的命令在authorized_keys里面列出例如/bin/date
man的描述如下
PermitRootLogin
Specifies whether root can log in using ssh(1). The argument must be “yes”,
“without-password”, “forced-commands-only”, or “no”. The default is “yes”.
If this option is set to “without-password”, password authentication is disabled for root.
If this option is set to “force
d-commands-only”, root login with public key authentication
will be allowed, but only if the command option has been specified (which may be useful for
taking remote backups even if root login is normally not allowed). All other authentica‐
tion methods are disabled for root.
If this option is set to “no”, root is not allowed to log in.
===转====================
How to configure sshd to allow root to run a command on a remote server without logging in
https://www.novell.com/support/kb/doc.php?id=7007565
Linux SSH配置和禁止Root远程登陆设置
http://tzsky.blog.51cto.com/1062094/258680
Linux 修改SSH端口 和 禁止Root远程登陆
http://blog.csdn.net/tianlesoftware/article/details/6201898

我的更多文章

下载客户端阅读体验更佳

APP专享