°Ô½Ã¹° 1,369°Ç
   
ssh_config / sshd_config
±Û¾´ÀÌ : ÃÖ°í°ü¸®ÀÚ ³¯Â¥ : 2011-07-18 (¿ù) 12:33 Á¶È¸ : 11573
±ÛÁÖ¼Ò :
                                
sshd_config : ¿ø°ÝÁö¿¡¼­ Àڽſ¡°Ô ssh Á¢¼ÓÇÒ °æ¿ìÀÇ ¼³Á¤ ÆÄÀÏ
ssh_config : ÀÚ½ÅÀÌ ¿ø°ÝÁö·Î Á¢¼ÓÇÒ °æ¿ìÀÇ ¼³Á¤ ÆÄÀÏ
 
ex) ssh_config
Host *
        GSSAPIAuthentication yes
        StrictHostKeyChecking no
        UserKnownHostsFile /dev/null
# If this option is set to yes then remote X11 clients will have full access
# to the original X11 display. As virtually no X11 client supports the untrusted
# mode correctly we set this to yes.
        ForwardX11Trusted yes
# Send locale-related environment variables
        SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
        SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
        SendEnv LC_IDENTIFICATION LC_ALL
 
# cat /etc/ssh/ssh_config
# Site-wide defaults for some commonly used options.
# Host *
#   ForwardAgent no
#   ForwardX11 no
#   RhostsRSAAuthentication no
#   RSAAuthentication yes
#   PasswordAuthentication yes
#   HostbasedAuthentication no
#   BatchMode no
#   CheckHostIP yes
#   AddressFamily any
#   ConnectTimeout 0
#   StrictHostKeyChecking ask
#   IdentityFile ~/.ssh/identity
#   IdentityFile ~/.ssh/id_rsa
#   IdentityFile ~/.ssh/id_dsa
#   Port 22
#   Protocol 2,1
#   Cipher 3des
#   Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
#   EscapeChar ~
#   Tunnel no
#   TunnelDevice any:any
#   PermitLocalCommand no
 
Host * => ¡®*¡¯Àº ´ÙÀ½¹ø Host Å°¿öµå°¡ ³ª¿Ã¶§ ±îÁö ¸ðµç È£½ºÆ®¿¡ ´ëÇØ Àû¿ëÇÑ´Ù´Â ÀǹÌ
 ForwardAgent no
   - Á¢¼Ó ¿¡ÀÌÀüÆ®°¡ ÀÖÀ» ¶§ ¾î¶² °ÍÀÌ ¸®¸ðÆ® ¼­¹ö·Î Æ÷¿öµù µÇ¾î¾ß ÇÏ´ÂÁö Á¤ÀÇ
 
 ForwardX11 no
   - X windowsÀÇ GUI ȯ°æÀ» »ç¿ëÇÏ´Â »ç¶÷ÀÌ ¸®¸ðÆ® ¼­¹ö¿¡¼­ ÀÚµ¿À¸·Î X11 ÀÛ¾÷À» ÅëÇؼ­ ¸®´Ù¸®·ºÆ® ÇÒ °æ¿ì¿¡ »ç¿ëÇÑ´Ù. º¸¾È»ó no ·Î ¼³Á¤ÇÑ´Ù.
 
 RhostsRSAAuthentication no - RSA È£½ºÆ® ÀÎÁõ°ú ¸ÂÃß¾î rhosts ÀÎÁõÀÇ »ç¿ë¿©ºÎ¸¦ Á¤ÀÇÇÑ´Ù.
 
 RSAAuthentication yes
  - RSA ÀÎÁõÀÇ »ç¿ë¿©ºÎ Á¤ÇÑ´Ù.
    À̿ɼÇÀº ssh1 ÇÁ·ÎÅäÄÝ¿¡ ÇÑÇؼ­¸¸ Àû¿ëÀÌ µÈ´Ù. ssh2¸¸ »ç¿ëÇϹǷΠÁÖ¼®Ã³¸®ÇÑ´Ù. 
 
 PasswordAuthentication yes
  - ÀÎÁõÀ» ÇÒ¶§ ¾ÏÈ£ ±â¹Ý ÀÎÁõ ¹æ¹ýÀÇ »ç¿ë¿©ºÎ¸¦ Á¤ÇÑ´Ù.
 
 BatchMode no
 
 CheckHostIP yes
  - DNS ½ºÇªÇÎÀ» ÃßÀûÇϱâ À§ÇÏ¿© ssh°¡ È£½ºÆ®ÀÇ IPÁÖ¼Ò¸¦ Ãß°¡·Î üũ ÇÒ°ÍÀÎÁö ¿©ºÎ¸¦ Á¤ÀÇÇÑ´Ù. yes·Î ¼±ÅÃÇÑ´Ù. ¼Óµµ°¡ ÀúÇϵǴ ´ÜÁ¡ÀÌ ÀÖ´Ù.
 
 FallBackToRsh no - ssh µ¥¸óÀ» ÀÌ¿ëÇÑ ¿¬°áÀÌ ½ÇÆÐÇßÀ»¶§ ÀÚµ¿À¸·Î rsh »ç¿ë¿©ºÎ¸¦ °áÁ¤ÇÏ´Â °ÍÀ¸·Î no·Î ¼³Á¤ÇÑ´Ù. rsh´Â ¾ÈÀüÇÏÁö ¸øÇϱ⠶§¹®ÀÌ´Ù.
 
 UseRsh no
  - rlogin/rsh ¼­ºñ½º°¡ ÀÌÈ£½ºÆ®¿¡¼­ »ç¿ëµÇ´ÂÁö¿¡ ´ëÇÑ ¿©ºÎ¸¦ °áÁ¤ÇÑ´Ù. no·Î ¼³Á¤ÇÑ´Ù.
 
 StrictHostKeyChecking no
  - ssh°¡ /$HOME/.ssh/known_hosts ÆÄÀÏ¿¡ ÀÚµ¿À¸·Î »õ·Î¿î È£½ºÆ®¸¦ Ãß°¡ÇÒ°ÍÀÎÁö¿Í Ãß°¡ÇÏÁö ¾ÊÀ» °ÍÀÎÁö¸¦ °áÁ¤ÇÑ´Ù. À̿ɼÇÀº yes ·Î üũÇϸé Æ®·ÎÀÌ ¸ñ¸¶ °ø°Ý¿¡ ÃÖ´ëÇÑÀÇ º¸¾ÈÀ» È®º¸ÇÒ ¼ö ÀÖ´Ù. yes·Î Çϸé known_hosts ÆÄÀÏ¿¡ È£½ºÆ® Ãß°¡°¡ ¾ÈµÊ. ÁÖ¼®Ã³¸® ȤÀº no·Î ¼³Á¤ÇؾßÇÔ.
 
 IdentityFile ~/.ssh/identity 
 IdentityFile ~/.ssh/id_rsa
 IdentityFile ~/.ssh/id_dsa
 
 Port 22
  - ssh°¡ ¸®¸ðÆ® È£½ºÆ®¿¡ ¿¬°áÇÒ Æ÷Æ®¸¦ Á¤ÀÇÇÑ´Ù.
 Protocol 2,1
  - ssh°¡ ¿ì¼±ÀûÀ¸·Î ÇÁ·ÎÅäÄÝ 2·Î Á¢¼ÓÀ» ½ÃµµÇÑÈÄ ½ÇÆÐÇϸé 1·Î Á¢¼ÓÀ» ½ÃµµÇÑ´Ù.
 Cipher 3des
 Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
 EscapeChar ~ - ¿¬°áÀ» Á¾·áÇÒ ¶§ »ç¿ëÇÏ´Â ¹®ÀÚÀÌ´Ù.
 
 RhostsAuthentication no - rhosts ±â¹ÝÀÇ ÀÎÁõÀ» »ç¿ëÇÒ°ÍÀÎÁö ¿©ºÎ¸¦ ¹¯´Â ¿É¼ÇÀÌ´Ù.

À̸§ Æнº¿öµå
ºñ¹Ð±Û (üũÇÏ¸é ±Û¾´À̸¸ ³»¿ëÀ» È®ÀÎÇÒ ¼ö ÀÖ½À´Ï´Ù.)
¿ÞÂÊÀÇ ±ÛÀÚ¸¦ ÀÔ·ÂÇϼ¼¿ä.
   

 



 
»çÀÌÆ®¸í : ¸ðÁö¸®³× | ´ëÇ¥ : ÀÌ°æÇö | °³ÀÎÄ¿¹Â´ÏƼ : ·©Å°´åÄÄ ¿î¿µÃ¼Á¦(OS) | °æ±âµµ ¼º³²½Ã ºÐ´ç±¸ | ÀüÀÚ¿ìÆí : mojily°ñ¹ðÀÌchonnom.com Copyright ¨Ï www.chonnom.com www.kyunghyun.net www.mojily.net. All rights reserved.