1. Problem:
Servers on the public Internet that accept password logins are constantly seen under attack.
```
Last failed login: Tue Dec 12 07:55:36 CST 2017 from 219.146.144.254 on ssh:notty
There were 14011 failed login attempts since the last successful login.
Last login: Mon Dec 11 09:23:25 2017 from 180.110.80.73123
```
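2. Solution
Switch the login method to key-based login, disable password login, and set the number of allowed failed login attempts to 3.
- Generate the SSH public and private keys: you can specify the file location and enter a passphrase that protects the key pair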
```
ssh-keygen -t rsa

[root@localhost opt]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
/root/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:IgB6YCXsSnuL6ntCkQirCaOEiD8NqsGQ root@localhost.localdomain
The key's randomart image is:
+---[RSA 2048]----+
|+ooo |
|=*o |
|%=O |
|XEo+ |
|@++o= . S |
|*+o+.= . |
|o +.+ |
| + o |
|oo+ |
+----[SHA256]-----+
```
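- Append the public key to authorized_keys
```
# Append the public key to the authorized_keys file
# (full path used because the key pair above was written to /root/.ssh)
cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys
# sshd with StrictModes refuses key files that other users can write to
chmod 600 /root/.ssh/authorized_keys
```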
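- Edit the sshd_config file
```
vim /etc/ssh/sshd_config

# Set the following parameters in sshd_config as shown
# (RSAAuthentication only applies to SSH protocol 1; OpenSSH 7.4 and later treat it as deprecated)
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
PasswordAuthentication no
MaxAuthTries 3

# If you would rather not edit the file by hand, you can run the following commands instead
# (this replaces the whole sshd configuration with a file fetched over plain HTTP; review it before copying)
wget http://pan1.pan.94p.net/服务器环境/sh/sshd_config
cp sshd_config /etc/ssh/
chmod 600 /etc/ssh/sshd_config
```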
- Restart the sshd.service service; the configuration is then in effect and the setup is complete
```
systemctl restart sshd.service
systemctl status sshd.service
```
- Copy the public and private keys to your own Windows computer and log in with public-key authentication
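The sshd_config step above only helps if sshd actually picks up the new values: sshd uses the first occurrence of each keyword, so a leftover `PasswordAuthentication yes` earlier in the file silently wins. The following audit script is an added example, not part of the original article; the function names and the sample input are constructed for illustration, the defaults are the upstream OpenSSH ones, and `Include` files are not followed.

```shell
#!/bin/sh
# Added example, not from the original article.

# effective_value FILE KEYWORD DEFAULT
# Prints the value sshd takes from the global section of FILE. Keywords are
# case-insensitive, "Keyword=value" is accepted, the FIRST occurrence wins,
# and lines after a Match keyword are conditional, so they are ignored.
effective_value() {
    awk -v key="$2" -v def="$3" '
        BEGIN { key = tolower(key); val = def }
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            split(line, f, /[ \t=]+/)
            word = tolower(f[1])
            if (word == "match") exit
            if (word == key) { val = tolower(f[2]); gsub(/"/, "", val); exit }
        }
        END { print val }
    ' "$1"
}

# audit_sshd_config FILE: returns 0 only if FILE yields the article's values.
# Each rule is keyword:expected:default (upstream OpenSSH defaults, assumed).
audit_sshd_config() {
    rc=0
    for rule in PasswordAuthentication:no:yes PubkeyAuthentication:yes:yes MaxAuthTries:3:6; do
        key=${rule%%:*}; rest=${rule#*:}
        want=${rest%%:*}; def=${rest#*:}
        got=$(effective_value "$1" "$key" "$def")
        if [ "$got" = "$want" ]; then
            echo "OK   $key $got"
        else
            echo "FAIL $key is $got, expected $want"
            rc=1
        fi
    done
    return "$rc"
}

# Constructed sample: the weak first line shadows the later correct one.
sample_shadowed() {
    printf '%s\n' 'PasswordAuthentication=yes' 'PubkeyAuthentication yes' \
        'MaxAuthTries 3' 'PasswordAuthentication no'
}

tmp=$(mktemp)
sample_shadowed > "$tmp"
audit_sshd_config "$tmp" || echo "result: not hardened as the article intends"
rm -f "$tmp"
```

On a live host, `sshd -T` prints the effective configuration as the daemon itself parses it, and is the authoritative check.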