ssh-configure.html

<!DOCTYPE html>
<html lang="zh-CN,default">
<head>
  <meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=2">
<meta name="theme-color" content="#222">
<meta name="generator" content="Hexo 4.2.1">
  <link rel="apple-touch-icon" sizes="180x180" href="/images/apple-touch-icon-next.png">
  <link rel="icon" type="image/png" sizes="32x32" href="/images/favicom-32x32-logo.png">
  <link rel="icon" type="image/png" sizes="16x16" href="/images/favicon-16x16-logo.png">
  <link rel="mask-icon" href="/images/logo.svg" color="#222">
  <meta name="google-site-verification" content="ROUQoZovui7E3zu9iZWkJdCuxBSmH6dcEV2qncmZ4DQ">
  <meta name="msvalidate.01" content="A5DD278FA75034DFB543D13A5DEF0F94">
  <meta name="baidu-site-verification" content="h7T48zL37w">

<link rel="stylesheet" href="/css/main.css">


<link rel="stylesheet" href="/lib/font-awesome/css/all.min.css">

<script id="hexo-configurations">
    var NexT = window.NexT || {};
    var CONFIG = {"hostname":"blog.charfole.top","root":"/","scheme":"Gemini","version":"7.8.0","exturl":true,"sidebar":{"position":"left","display":"post","padding":18,"offset":12,"onmobile":false},"copycode":{"enable":false,"show_result":false,"style":null},"back2top":{"enable":true,"sidebar":true,"scrollpercent":true},"bookmark":{"enable":false,"color":"#222","save":"auto"},"fancybox":false,"mediumzoom":false,"lazyload":false,"pangu":false,"comments":{"style":"tabs","active":null,"storage":true,"lazyload":false,"nav":null},"algolia":{"hits":{"per_page":10},"labels":{"input_placeholder":"Search for Posts","hits_empty":"We didn't find any results for the search: ${query}","hits_stats":"${hits} results found in ${time} ms"}},"localsearch":{"enable":true,"trigger":"auto","top_n_per_article":1,"unescape":false,"preload":false},"motion":{"enable":true,"async":false,"transition":{"post_block":"fadeIn","post_header":"slideDownIn","post_body":"slideDownIn","coll_header":"slideLeftIn","sidebar":"slideUpIn"}},"path":"search.xml"};
  </script>

  <meta name="description" content="前言暑假在家，忽然想起上学期有一门课还有几百块的华为云代金券没用，算了一下，代金券剩下的额度还可以买大半年的云服务器玩一玩，于是就行动起来了。刚买完一天，按着自己之前留下的总结在 Windows Terminal 中配置好了 Oh-My-Zsh 后，结果第二天起床就收到华为云发来的短信，说服务器遭到了暴力破解，但没有成功。">
<meta property="og:type" content="article">
<meta property="og:title" content="增强Linux云服务器SSH安全性的方法">
<meta property="og:url" content="https://blog.charfole.top/ssh-configure.html">
<meta property="og:site_name" content="Charfole&#39;s Blog">
<meta property="og:description" content="前言暑假在家，忽然想起上学期有一门课还有几百块的华为云代金券没用，算了一下，代金券剩下的额度还可以买大半年的云服务器玩一玩，于是就行动起来了。刚买完一天，按着自己之前留下的总结在 Windows Terminal 中配置好了 Oh-My-Zsh 后，结果第二天起床就收到华为云发来的短信，说服务器遭到了暴力破解，但没有成功。">
<meta property="og:locale" content="zh_CN">
<meta property="og:image" content="https://charfole-blog.oss-cn-shenzhen.aliyuncs.com/image/image-20210822222415754.png">
<meta property="og:image" content="https://charfole-blog.oss-cn-shenzhen.aliyuncs.com/image/image-20210822222649991.png">
<meta property="og:image" content="https://charfole-blog.oss-cn-shenzhen.aliyuncs.com/image/image-20210822230758903.png">
<meta property="og:image" content="https://charfole-blog.oss-cn-shenzhen.aliyuncs.com/image/image-20210815234104477.png">
<meta property="og:image" content="https://charfole-blog.oss-cn-shenzhen.aliyuncs.com/image/image-20210823174217922.png">
<meta property="og:image" content="https://charfole-blog.oss-cn-shenzhen.aliyuncs.com/image/image-20210823175321290.png">
<meta property="og:image" content="https://charfole-blog.oss-cn-shenzhen.aliyuncs.com/image/image-20210815234152227.png">
<meta property="og:image" content="https://charfole-blog.oss-cn-shenzhen.aliyuncs.com/image/image-20210822215748965.png">
<meta property="og:image" content="https://charfole-blog.oss-cn-shenzhen.aliyuncs.com/image/image-20210823190536215.png">
<meta property="article:published_time" content="2021-08-22T09:27:19.000Z">
<meta property="article:modified_time" content="2023-09-21T09:33:05.661Z">
<meta property="article:author" content="Charfole">
<meta property="article:tag" content="SSH">
<meta property="article:tag" content="Server">
<meta property="article:tag" content="Linux">
<meta name="twitter:card" content="summary">
<meta name="twitter:image" content="https://charfole-blog.oss-cn-shenzhen.aliyuncs.com/image/image-20210822222415754.png">

<link rel="canonical" href="https://blog.charfole.top/ssh-configure.html">


<script id="page-configurations">
  // https://hexo.io/docs/variables.html
  CONFIG.page = {
    sidebar: "",
    isHome : false,
    isPost : true,
    lang   : 'zh-CN'
  };
</script>

  <title>增强Linux云服务器SSH安全性的方法 | Charfole's Blog</title>
  
    <script async src="https://www.googletagmanager.com/gtag/js?id=UA-174017535-1"></script>
    <script>
      if (CONFIG.hostname === location.hostname) {
        window.dataLayer = window.dataLayer || [];
        function gtag(){dataLayer.push(arguments);}
        gtag('js', new Date());
        gtag('config', 'UA-174017535-1');
      }
    </script>






  <noscript>
  <style>
  .use-motion .brand,
  .use-motion .menu-item,
  .sidebar-inner,
  .use-motion .post-block,
  .use-motion .pagination,
  .use-motion .comments,
  .use-motion .post-header,
  .use-motion .post-body,
  .use-motion .collection-header { opacity: initial; }

  .use-motion .site-title,
  .use-motion .site-subtitle {
    opacity: initial;
    top: initial;
  }

  .use-motion .logo-line-before i { left: initial; }
  .use-motion .logo-line-after i { right: initial; }
  </style>
</noscript>

<link rel="alternate" href="/atom.xml" title="Charfole's Blog" type="application/atom+xml">
</head>

<body itemscope itemtype="http://schema.org/WebPage">
  <div class="container use-motion">
    <div class="headband"></div>

    <header class="header" itemscope itemtype="http://schema.org/WPHeader">
      <div class="header-inner"><div class="site-brand-container">
  <div class="site-nav-toggle">
    <div class="toggle" aria-label="切换导航栏">
      <span class="toggle-line toggle-line-first"></span>
      <span class="toggle-line toggle-line-middle"></span>
      <span class="toggle-line toggle-line-last"></span>
    </div>
  </div>

  <div class="site-meta">

    <a href="/" class="brand" rel="start">
      <span class="logo-line-before"><i></i></span>
      <h1 class="site-title">Charfole's Blog</h1>
      <span class="logo-line-after"><i></i></span>
    </a>
  </div>

  <div class="site-nav-right">
    <div class="toggle popup-trigger">
        <i class="fa fa-search fa-fw fa-lg"></i>
    </div>
  </div>
</div>




<nav class="site-nav">
  <ul id="menu" class="main-menu menu">
        <li class="menu-item menu-item-home">

    <a href="/" rel="section"><i class="fa fa-home fa-fw"></i>首页</a>

  </li>
        <li class="menu-item menu-item-archives">

    <a href="/archives/" rel="section"><i class="fa fa-archive fa-fw"></i>归档</a>

  </li>
        <li class="menu-item menu-item-tags">

    <a href="/tags/" rel="section"><i class="fa fa-tags fa-fw"></i>标签</a>

  </li>
        <li class="menu-item menu-item-categories">

    <a href="/categories/" rel="section"><i class="fa fa-th fa-fw"></i>分类</a>

  </li>
      <li class="menu-item menu-item-search">
        <a role="button" class="popup-trigger"><i class="fa fa-search fa-fw"></i>搜索
        </a>
      </li>
  </ul>
</nav>



  <div class="search-pop-overlay">
    <div class="popup search-popup">
        <div class="search-header">
  <span class="search-icon">
    <i class="fa fa-search"></i>
  </span>
  <div class="search-input-container">
    <input autocomplete="off" autocapitalize="off"
           placeholder="搜索..." spellcheck="false"
           type="search" class="search-input">
  </div>
  <span class="popup-btn-close">
    <i class="fa fa-times-circle"></i>
  </span>
</div>
<div id="search-result">
  <div id="no-result">
    <i class="fa fa-spinner fa-pulse fa-5x fa-fw"></i>
  </div>
</div>

    </div>
  </div>

</div>
    </header>

    
  <div class="reading-progress-bar"></div>


    <main class="main">
      <div class="main-inner">
        <div class="content-wrap">
          

          <div class="content post posts-expand">
            

    
  
  
  <article itemscope itemtype="http://schema.org/Article" class="post-block" lang="zh-CN">
    <link itemprop="mainEntityOfPage" href="https://blog.charfole.top/ssh-configure.html">

    <span hidden itemprop="author" itemscope itemtype="http://schema.org/Person">
      <meta itemprop="image" content="/images/avatar.gif">
      <meta itemprop="name" content="Charfole">
      <meta itemprop="description" content="Carpe diem">
    </span>

    <span hidden itemprop="publisher" itemscope itemtype="http://schema.org/Organization">
      <meta itemprop="name" content="Charfole's Blog">
    </span>
      <header class="post-header">
        <h1 class="post-title" itemprop="name headline">
          增强Linux云服务器SSH安全性的方法
        </h1>

        <div class="post-meta">
            <span class="post-meta-item">
              <span class="post-meta-item-icon">
                <i class="far fa-calendar"></i>
              </span>
              <span class="post-meta-item-text">发表于</span>

              <time title="创建时间：2021-08-22 17:27:19" itemprop="dateCreated datePublished" datetime="2021-08-22T17:27:19+08:00">2021-08-22</time>
            </span>
              <span class="post-meta-item">
                <span class="post-meta-item-icon">
                  <i class="far fa-calendar-check"></i>
                </span>
                <span class="post-meta-item-text">更新于</span>
                <time title="修改时间：2023-09-21 17:33:05" itemprop="dateModified" datetime="2023-09-21T17:33:05+08:00">2023-09-21</time>
              </span>
            <span class="post-meta-item">
              <span class="post-meta-item-icon">
                <i class="far fa-folder"></i>
              </span>
              <span class="post-meta-item-text">分类于</span>
                <span itemprop="about" itemscope itemtype="http://schema.org/Thing">
                  <a href="/categories/%E6%8A%80%E6%9C%AF/" itemprop="url" rel="index"><span itemprop="name">技术</span></a>
                </span>
            </span>

          
            <span class="post-meta-item" title="阅读次数" id="busuanzi_container_page_pv" style="display: none;">
              <span class="post-meta-item-icon">
                <i class="fa fa-eye"></i>
              </span>
              <span class="post-meta-item-text">阅读次数：</span>
              <span id="busuanzi_value_page_pv"></span>
            </span>
  
  <span class="post-meta-item">
    
      <span class="post-meta-item-icon">
        <i class="far fa-comment"></i>
      </span>
      <span class="post-meta-item-text">Valine：</span>
    
    <a title="valine" href="/ssh-configure.html#valine-comments" itemprop="discussionUrl">
      <span class="post-comments-count valine-comment-count" data-xid="/ssh-configure.html" itemprop="commentCount"></span>
    </a>
  </span>
  
  <br>
            <span class="post-meta-item" title="本文字数">
              <span class="post-meta-item-icon">
                <i class="far fa-file-word"></i>
              </span>
                <span class="post-meta-item-text">本文字数：</span>
              <span>2.5k</span>
            </span>
            <span class="post-meta-item" title="阅读时长">
              <span class="post-meta-item-icon">
                <i class="far fa-clock"></i>
              </span>
                <span class="post-meta-item-text">阅读时长 &asymp;</span>
              <span>2 分钟</span>
            </span>

        </div>
      </header>

    
    
    
    <div class="post-body" itemprop="articleBody">

      
        <h2 id="前言"><a href="#前言" class="headerlink" title="前言"></a>前言</h2><p>暑假在家，忽然想起上学期有一门课还有几百块的华为云代金券没用，算了一下，代金券剩下的额度还可以买大半年的云服务器玩一玩，于是就行动起来了。刚买完一天，按着自己之前留下的<a href="https://blog.charfole.top/Win10%E7%B3%BB%E7%BB%9F%E4%B8%8B%E7%9A%84Windows%20Terminal+WSL%E9%85%8D%E7%BD%AE%E6%8C%87%E5%8D%97.html">总结</a>在 Windows Terminal 中配置好了 Oh-My-Zsh 后，结果第二天起床就收到华为云发来的短信，说服务器遭到了暴力破解，但没有成功。</p>
<p><img src="https://charfole-blog.oss-cn-shenzhen.aliyuncs.com/image/image-20210822222415754.png" alt="image-20210822222415754"><br><a id="more"></a></p>
<p>上两学期也曾在学校听说过同学的服务器被 hack，数据库被删除了而且还留下了一个比特币的汇款账户；此外，学院的服务器也曾被 hack 来用于挖矿；听说被 hack 的次数不少，但还真没想到有一天会发生在自己身上。接到通知后，我首先登录查看了自己的服务器有没有异常进程，检查完毕后发现没有，再去查了对我服务器进行恶意登录的 IP，<strong>居然也是来自华为云的</strong>，不免引人遐想。</p>
<p><img src="https://charfole-blog.oss-cn-shenzhen.aliyuncs.com/image/image-20210822222649991.png" alt="image-20210822222649991"></p>
<p>虽然只是一个用着代金券剩余的钱买来的土豆服务器（1核1G，系统为Ubuntu 18.04），但在平常的学习中也是大有可为的，就这么被坏人得逞也太憋屈了，所以我决定上网搜集一下有关云服务器中有关 SSH 的防 hack 方法，折腾并记录一下。网上查到的方法有几种，下面我将分点阐明。</p>
<h2 id="云服务器增强SSH防护的方法"><a href="#云服务器增强SSH防护的方法" class="headerlink" title="云服务器增强SSH防护的方法"></a>云服务器增强SSH防护的方法</h2><h3 id="一、-购买云服务厂商的安全服务"><a href="#一、-购买云服务厂商的安全服务" class="headerlink" title="一、 购买云服务厂商的安全服务"></a>一、 购买云服务厂商的安全服务</h3><p>由于是云服务器，所以这种方法是最为省时省力的，可惜就是<strong>不省钱</strong>。我到华为云上查了查服务的价格，是服务器价格的几倍，所以就不考虑了。</p>
<h3 id="二、-更换密码"><a href="#二、-更换密码" class="headerlink" title="二、 更换密码"></a>二、 更换密码</h3><p>经过查阅资料和观察自己的被攻击记录发现，入侵者都是通过脚本来暴力攻击 SSH 服务的默认端口——22 端口，并随机生成密码来尝试登陆的。那么这样意味着只要我们的密码设置得足够复杂（同时包含大小写字母数字和符号），就可以避免入侵者轻易试出我们的密码。入侵者一般在一段时间内会尝试入侵多台服务器，而不会对一台服务器破解过久，因此密码设置得稍微复杂一点，可以大大提高安全性。</p>
<p>云服务器密码重设的方法有两种，第一种是进入系统后通过命令重新设置，第二种则较为简单，直接到云服务器厂商的控制台重新设置即可。</p>
<ul>
<li><p><strong>通过命令重新设置</strong></p>
<figure class="highlight shell"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br></pre></td><td class="code"><pre><span class="line"><span class="meta">#</span><span class="bash"> 将当前用户转为root用户（如果当前已经是root用户则忽略这一步）</span></span><br><span class="line">sudo su root</span><br><span class="line"></span><br><span class="line"><span class="meta">#</span><span class="bash"> 更换密码</span></span><br><span class="line">sudo passwd root</span><br><span class="line"></span><br><span class="line"><span class="meta">#</span><span class="bash"> 接下来按照指引输入并确认密码，重启即可生效</span></span><br></pre></td></tr></table></figure>
</li>
</ul>
<ul>
<li><p><strong>控制台重新设置（华为云）</strong></p>
<p><img src="https://charfole-blog.oss-cn-shenzhen.aliyuncs.com/image/image-20210822230758903.png" alt="image-20210822230758903"></p>
</li>
</ul>
<p>你可能会问，如果密码设置得太复杂，自己每次都要输入很久、或者是有可能忘掉，应该怎么办？有解决方法的，那请看到最后吧~</p>
<h3 id="三、更换端口号"><a href="#三、更换端口号" class="headerlink" title="三、更换端口号"></a>三、更换端口号</h3><p>SSH 服务默认的端口号是 22 端口，也是入侵者一般入侵的端口号。为了进一步巩固云服务器的安全性，可以更改一下服务器中 SSH 的端口号，简单来说就是：修改配置文件，自定义一个不常见的 SSH 端口号，同时取消掉默认的 22 端口号，并在云服务器的控制台中关闭 22 端口。具体来说，该操作分为以下几步：</p>
<ol>
<li><p><strong>打开 SSH 配置文件 sshd_config</strong></p>
<figure class="highlight shell"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">vim /etc/ssh/sshd_config</span><br></pre></td></tr></table></figure>
</li>
<li><p><strong>修改配置文件中的端口信息并使其生效</strong></p>
<p>找到 Port 22 这一行，在下面换成你自定义的端口，比如 2021，并且<strong>先不要删掉原来 Port 22</strong> 这一行，以免配置出错，无法通过默认端口登录云服务器。</p>
<p><img src="https://charfole-blog.oss-cn-shenzhen.aliyuncs.com/image/image-20210815234104477.png" alt="image-20210815234104477"></p>
</li>
</ol>
<p>  保存文件之后，再用命令重启一下 SSH 服务，使配置生效。</p>
  <figure class="highlight shell"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">service sshd restart</span><br></pre></td></tr></table></figure>
<p>  如果你使用的是云服务器，那么还需要在控制台对服务器的安全组进行设置，在<strong>入方向规则</strong>中添加新的端口号。</p>
<p>  <img src="https://charfole-blog.oss-cn-shenzhen.aliyuncs.com/image/image-20210823174217922.png" alt="image-20210823174217922"></p>
<ol>
<li><p><strong>测试新端口是否有效</strong></p>
<p>将 SSH 客户端中的连接端口改为新设置的端口，之后登录新的端口，登录成功则说明设置成功。</p>
<p><img src="https://charfole-blog.oss-cn-shenzhen.aliyuncs.com/image/image-20210823175321290.png" alt="image-20210823175321290"></p>
</li>
</ol>
<p>  测试成功后，重新用 <code>vim /etc/ssh/sshd_config</code> 打开配置文件，并将 22 端口删除，只保留新建的 2021 端口即可。</p>
<p>  <img src="https://charfole-blog.oss-cn-shenzhen.aliyuncs.com/image/image-20210815234152227.png" alt="image-20210815234152227"></p>
<h3 id="四、限制登录次数"><a href="#四、限制登录次数" class="headerlink" title="四、限制登录次数"></a>四、限制登录次数</h3><p>为了防止入侵者进行多次的暴力破解，可以在配置文件中限制输入密码的次数和密码错误后的用户锁定时间。具体方法如下：</p>
<figure class="highlight shell"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br></pre></td><td class="code"><pre><span class="line"><span class="meta">#</span><span class="bash"> 打开配置文件</span></span><br><span class="line">vim /etc/pam.d/sshd</span><br><span class="line"></span><br><span class="line"><span class="meta">#</span><span class="bash"> 在第二行注释下加入该行命令</span></span><br><span class="line">auth required pam_tally2.so deny=3 unlock_time=3600 even_deny_root root_unlock_time=3600</span><br><span class="line"></span><br><span class="line"><span class="meta">#</span><span class="bash"> 上一命令中的参数解释</span></span><br><span class="line"><span class="meta">#</span><span class="bash"> deny = 3 代表最多可尝试登陆三次，超过三次则进行锁定用户</span></span><br><span class="line"><span class="meta">#</span><span class="bash"> unlock_time = 3600 代表非root用户锁定3600秒</span></span><br><span class="line"><span class="meta">#</span><span class="bash"> even_deny_root 代表即使是root用户也需要锁定</span></span><br><span class="line"><span class="meta">#</span><span class="bash"> root_unlock_time = 3600 代表root用户锁定3600秒</span></span><br></pre></td></tr></table></figure>
<p>配置文件（Ubuntu 18.04）的截图如下所示：</p>
<p><img src="https://charfole-blog.oss-cn-shenzhen.aliyuncs.com/image/image-20210822215748965.png" alt="image-20210822215748965"></p>
<h3 id="5-设置免密登录"><a href="#5-设置免密登录" class="headerlink" title="5. 设置免密登录"></a>5. 设置免密登录</h3><p>经过上述步骤的配置，目前云服务器的 SSH 服务已经较为安全了。但是，为了保障我们服务器的安全性，在第二步中我们将密码设置得较为复杂，同时也在第四步限制了密码输入错误的次数。这样有可能导致我们会忘记太复杂的密码、或者是在每次登录的时候需要花较长时间输入密码，甚至是多次输入错误的密码导致用户锁定。解决上面几个问题最后的方法就是——设置当前主机免密登录。</p>
<ol>
<li><p><strong>在本地生成公私钥</strong></p>
<figure class="highlight shell"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br></pre></td><td class="code"><pre><span class="line"><span class="meta">#</span><span class="bash"> 生成公私钥（下面的命令需要有git环境）</span></span><br><span class="line">ssh-keygen</span><br><span class="line"></span><br><span class="line"><span class="meta">#</span><span class="bash"> 进入对应的目录（Windows在C盘的用户文件夹下）</span></span><br><span class="line">cd ~/.ssh </span><br><span class="line"></span><br><span class="line"><span class="meta">#</span><span class="bash"> 查看目录下的公私钥</span></span><br><span class="line">ls # id_rsa 为私钥，id_rsa.pub为公钥</span><br></pre></td></tr></table></figure>
</li>
<li><p><strong>上传公钥到服务器中</strong></p>
<figure class="highlight shell"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br></pre></td><td class="code"><pre><span class="line"><span class="meta">#</span><span class="bash"> 上传公钥</span></span><br><span class="line">ssh-copy-id -i ~/.ssh/id_rsa.pub root@ip # ip改成服务器对应的ip</span><br><span class="line"></span><br><span class="line"><span class="meta">#</span><span class="bash"> 检查是否上传成功</span></span><br><span class="line">cd ~/.ssh # 看到了 autorized keys 即代表上传成功</span><br></pre></td></tr></table></figure>
<p>在输入上面的第一条命令后，终端会弹出如下图的一系列信息，一路 Enter 即可。</p>
<p><img src="https://charfole-blog.oss-cn-shenzhen.aliyuncs.com/image/image-20210823190536215.png" alt="image-20210823190536215"></p>
<p>完成了上述步骤后，使用 <code>ssh root@ip -port</code>，把 ip 和端口号置换成自己设置的端口号即可免密登录服务器啦！</p>
</li>
</ol>
<h2 id="写在后面"><a href="#写在后面" class="headerlink" title="写在后面"></a>写在后面</h2><p>在经过了更换密码、端口和限制登录次数的三个方法，云服务器的安全性得到了很好的提高，同时在设置了免密登录后，SSH 登录也更为便捷。感谢您看到这里，同时也希望未来大家能多多注重服务器的安全，毕竟服务器只有在安全的前提下才能好好用于学习和玩耍呀！</p>

    </div>

    
    
    

      <footer class="post-footer">
          <div class="post-tags">
              <a href="/tags/SSH/" rel="tag"># SSH</a>
              <a href="/tags/Server/" rel="tag"># Server</a>
              <a href="/tags/Linux/" rel="tag"># Linux</a>
          </div>

        


        
    <div class="post-nav">
      <div class="post-nav-item">
    <a href="/lanqiao-review.html" rel="prev" title="蓝桥杯踩坑题">
      <i class="fa fa-chevron-left"></i> 蓝桥杯踩坑题
    </a></div>
      <div class="post-nav-item">
    <a href="/baoyan-experience.html" rel="next" title="2021计算机保研面试经验与建议（中山、复旦、北航、浙大工程师、华东师、华工等院校）">
      2021计算机保研面试经验与建议（中山、复旦、北航、浙大工程师、华东师、华工等院校） <i class="fa fa-chevron-right"></i>
    </a></div>
    </div>
      </footer>
    
  </article>
  
  
  



          </div>
          
    <div class="comments" id="valine-comments"></div>

<script>
  window.addEventListener('tabs:register', () => {
    let { activeClass } = CONFIG.comments;
    if (CONFIG.comments.storage) {
      activeClass = localStorage.getItem('comments_active') || activeClass;
    }
    if (activeClass) {
      let activeTab = document.querySelector(`a[href="#comment-${activeClass}"]`);
      if (activeTab) {
        activeTab.click();
      }
    }
  });
  if (CONFIG.comments.storage) {
    window.addEventListener('tabs:click', event => {
      if (!event.target.matches('.tabs-comment .tab-content .tab-pane')) return;
      let commentClass = event.target.classList[1];
      localStorage.setItem('comments_active', commentClass);
    });
  }
</script>

        </div>
          
  
  <div class="toggle sidebar-toggle">
    <span class="toggle-line toggle-line-first"></span>
    <span class="toggle-line toggle-line-middle"></span>
    <span class="toggle-line toggle-line-last"></span>
  </div>

  <aside class="sidebar">
    <div class="sidebar-inner">

      <ul class="sidebar-nav motion-element">
        <li class="sidebar-nav-toc">
          文章目录
        </li>
        <li class="sidebar-nav-overview">
          站点概览
        </li>
      </ul>

      <!--noindex-->
      <div class="post-toc-wrap sidebar-panel">
          <div class="post-toc motion-element"><ol class="nav"><li class="nav-item nav-level-2"><a class="nav-link" href="#前言"><span class="nav-number">1.</span> <span class="nav-text">前言</span></a></li><li class="nav-item nav-level-2"><a class="nav-link" href="#云服务器增强SSH防护的方法"><span class="nav-number">2.</span> <span class="nav-text">云服务器增强SSH防护的方法</span></a><ol class="nav-child"><li class="nav-item nav-level-3"><a class="nav-link" href="#一、-购买云服务厂商的安全服务"><span class="nav-number">2.1.</span> <span class="nav-text">一、 购买云服务厂商的安全服务</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#二、-更换密码"><span class="nav-number">2.2.</span> <span class="nav-text">二、 更换密码</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#三、更换端口号"><span class="nav-number">2.3.</span> <span class="nav-text">三、更换端口号</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#四、限制登录次数"><span class="nav-number">2.4.</span> <span class="nav-text">四、限制登录次数</span></a></li><li class="nav-item nav-level-3"><a class="nav-link" href="#5-设置免密登录"><span class="nav-number">2.5.</span> <span class="nav-text">5. 设置免密登录</span></a></li></ol></li><li class="nav-item nav-level-2"><a class="nav-link" href="#写在后面"><span class="nav-number">3.</span> <span class="nav-text">写在后面</span></a></li></ol></div>
      </div>
      <!--/noindex-->

      <div class="site-overview-wrap sidebar-panel">
        <div class="site-author motion-element" itemprop="author" itemscope itemtype="http://schema.org/Person">
  <p class="site-author-name" itemprop="name">Charfole</p>
  <div class="site-description" itemprop="description">Carpe diem</div>
</div>
<div class="site-state-wrap motion-element">
  <nav class="site-state">
      <div class="site-state-item site-state-posts">
          <a href="/archives/">
        
          <span class="site-state-item-count">14</span>
          <span class="site-state-item-name">日志</span>
        </a>
      </div>
      <div class="site-state-item site-state-categories">
            <a href="/categories/">
          
        <span class="site-state-item-count">8</span>
        <span class="site-state-item-name">分类</span></a>
      </div>
      <div class="site-state-item site-state-tags">
            <a href="/tags/">
          
        <span class="site-state-item-count">29</span>
        <span class="site-state-item-name">标签</span></a>
      </div>
  </nav>
</div>
  <div class="links-of-author motion-element">
      <span class="links-of-author-item">
        <span class="exturl" data-url="aHR0cHM6Ly9naXRodWIuY29tL2NoYXJmb2xl" title="GitHub → https:&#x2F;&#x2F;github.com&#x2F;charfole"><i class="fab fa-github fa-fw"></i>GitHub</span>
      </span>
      <span class="links-of-author-item">
        <span class="exturl" data-url="bWFpbHRvOmNoYXJmb2xlQDE2My5jb20=" title="E-Mail → mailto:charfole@163.com"><i class="fa fa-envelope fa-fw"></i>E-Mail</span>
      </span>
      <span class="links-of-author-item">
        <a href="/atom.xml" title="RSS → &#x2F;atom.xml"><i class="fa fa-rss fa-fw"></i>RSS</a>
      </span>
  </div>
  <div class="cc-license motion-element" itemprop="license">
    <span class="exturl cc-opacity" data-url="aHR0cHM6Ly9jcmVhdGl2ZWNvbW1vbnMub3JnL2xpY2Vuc2VzL2J5LW5jLXNhLzQuMC8="><img src="/images/cc-by-nc-sa.svg" alt="Creative Commons"></span>
  </div>



      </div>
        <div class="back-to-top motion-element">
          <i class="fa fa-arrow-up"></i>
          <span>0%</span>
        </div>

    </div>
  </aside>
  <div id="sidebar-dimmer"></div>


      </div>
    </main>

    <footer class="footer">
      <div class="footer-inner">
        

        

<div class="copyright">
  
  &copy; 2020 – 
  <span itemprop="copyrightYear">2023</span>
  <span class="with-love">
    <i class="fa fa-heart"></i>
  </span>
  <span class="author" itemprop="copyrightHolder">Charfole</span>
    <span class="post-meta-divider">|</span>
    <span class="post-meta-item-icon">
      <i class="fa fa-chart-area"></i>
    </span>
      <span class="post-meta-item-text">站点总字数：</span>
    <span title="站点总字数">61k</span>
    <span class="post-meta-divider">|</span>
    <span class="post-meta-item-icon">
      <i class="fa fa-coffee"></i>
    </span>
      <span class="post-meta-item-text">站点阅读时长 &asymp;</span>
    <span title="站点阅读时长">55 分钟</span>
</div>
  <div class="powered-by">由 <span class="exturl theme-link" data-url="aHR0cHM6Ly9oZXhvLmlv">Hexo</span> & <span class="exturl theme-link" data-url="aHR0cHM6Ly90aGVtZS1uZXh0Lm9yZw==">NexT.Gemini</span> 强力驱动
  </div>

        
<div class="busuanzi-count">
  <script async src="https://busuanzi.ibruce.info/busuanzi/2.3/busuanzi.pure.mini.js"></script>
    <span class="post-meta-item" id="busuanzi_container_site_uv" style="display: none;">
      <span class="post-meta-item-icon">
        <i class="fa fa-user"></i>
      </span>
      <span class="site-uv" title="总访客量">
        <span id="busuanzi_value_site_uv"></span>
      </span>
    </span>
    <span class="post-meta-divider">|</span>
    <span class="post-meta-item" id="busuanzi_container_site_pv" style="display: none;">
      <span class="post-meta-item-icon">
        <i class="fa fa-eye"></i>
      </span>
      <span class="site-pv" title="总访问量">
        <span id="busuanzi_value_site_pv"></span>
      </span>
    </span>
</div>








      </div>
    </footer>
  </div>

  
  <script src="/lib/anime.min.js"></script>
  <script src="/lib/velocity/velocity.min.js"></script>
  <script src="/lib/velocity/velocity.ui.min.js"></script>

<script src="/js/utils.js"></script>

<script src="/js/motion.js"></script>


<script src="/js/schemes/pisces.js"></script>


<script src="/js/next-boot.js"></script>




  
  <script>
    (function(){
      var canonicalURL, curProtocol;
      //Get the <link> tag
      var x=document.getElementsByTagName("link");
		//Find the last canonical URL
		if(x.length > 0){
			for (i=0;i<x.length;i++){
				if(x[i].rel.toLowerCase() == 'canonical' && x[i].href){
					canonicalURL=x[i].href;
				}
			}
		}
    //Get protocol
	    if (!canonicalURL){
	    	curProtocol = window.location.protocol.split(':')[0];
	    }
	    else{
	    	curProtocol = canonicalURL.split(':')[0];
	    }
      //Get current URL if the canonical URL does not exist
	    if (!canonicalURL) canonicalURL = window.location.href;
	    //Assign script content. Replace current URL with the canonical URL
      !function(){var e=/([http|https]:\/\/[a-zA-Z0-9\_\.]+\.baidu\.com)/gi,r=canonicalURL,t=document.referrer;if(!e.test(r)){var n=(String(curProtocol).toLowerCase() === 'https')?"https://sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif":"//api.share.baidu.com/s.gif";t?(n+="?r="+encodeURIComponent(document.referrer),r&&(n+="&l="+r)):r&&(n+="?l="+r);var i=new Image;i.src=n}}(window);})();
  </script>




  
<script src="/js/local-search.js"></script>













  

  
      

<script>
  if (typeof MathJax === 'undefined') {
    window.MathJax = {
      loader: {
        source: {
          '[tex]/amsCd': '[tex]/amscd',
          '[tex]/AMScd': '[tex]/amscd'
        }
      },
      tex: {
        inlineMath: {'[+]': [['$', '$']]},
        tags: 'ams'
      },
      options: {
        renderActions: {
          findScript: [10, doc => {
            document.querySelectorAll('script[type^="math/tex"]').forEach(node => {
              const display = !!node.type.match(/; *mode=display/);
              const math = new doc.options.MathItem(node.textContent, doc.inputJax[0], display);
              const text = document.createTextNode('');
              node.parentNode.replaceChild(text, node);
              math.start = {node: text, delim: '', n: 0};
              math.end = {node: text, delim: '', n: 0};
              doc.math.push(math);
            });
          }, '', false],
          insertedScript: [200, () => {
            document.querySelectorAll('mjx-container').forEach(node => {
              let target = node.parentNode;
              if (target.nodeName.toLowerCase() === 'li') {
                target.parentNode.classList.add('has-jax');
              }
            });
          }, '', false]
        }
      }
    };
    (function () {
      var script = document.createElement('script');
      script.src = '//cdn.jsdelivr.net/npm/mathjax@3/es5/tex-mml-chtml.js';
      script.defer = true;
      document.head.appendChild(script);
    })();
  } else {
    MathJax.startup.document.state(0);
    MathJax.texReset();
    MathJax.typeset();
  }
</script>

    

  


<script>
NexT.utils.loadComments(document.querySelector('#valine-comments'), () => {
  NexT.utils.getScript('//unpkg.com/valine/dist/Valine.min.js', () => {
    var GUEST = ['nick', 'mail', 'link'];
    var guest = 'nick,mail,link';
    guest = guest.split(',').filter(item => {
      return GUEST.includes(item);
    });
    new Valine({
      el         : '#valine-comments',
      verify     : false,
      notify     : false,
      appId      : 'hXI9oKO1Olitf9gLi5jb1ciq-gzGzoHsz',
      appKey     : 'JrOSBT9CBoGf3OzREeMchSkt',
      placeholder: "Just go go",
      avatar     : 'mm',
      meta       : guest,
      pageSize   : '10' || 10,
      visitor    : false,
      lang       : '' || 'zh-cn',
      path       : location.pathname,
      recordIP   : false,
      serverURLs : ''
    });
  }, window.Valine);
});
</script>

</body>
</html>