Home > OS >  About SSH login remote service (ali cloud centos) submitted to the Permission denied, both please tr
About SSH login remote service (ali cloud centos) submitted to the Permission denied, both please tr

Time:03-12



The firewall status: closing


cat/etc/sysconfig/iptables firewall rules

# Generated by iptables - save v1.4.21 on Wed Apr 15 21:27:34 2020
* NAT
: the PREROUTING ACCEPT [2:8 0]
: INPUT the ACCEPT [0-0]
: OUTPUT the ACCEPT [2] host,
: the POSTROUTING ACCEPT [2] host,
COMMIT
# Completed on Wed Apr 15 21:27:34 2020
# Generated by iptables - save v1.4.21 on Wed Apr 15 21:27:34 2020
* filter
: INPUT the ACCEPT [0-0]
: FORWARD ACCEPT [0-0]
: OUTPUT the ACCEPT [858] spoken
-a INPUT -m state - the state RELATED to ESTABLISHED -j ACCEPT
-a INPUT -p icmp -j ACCEPT
-a INPUT -i lo -j ACCEPT
-a INPUT -p TCP -m state - the state NEW -m TCP -- dport 22 -j ACCEPT
- REJECT, REJECT A INPUT - j - with icmp host - prohibited
- REJECT, REJECT A FORWARD - j - with icmp host - prohibited
-a INPUT -p TCP -m state - the state NEW -m TCP -- dport 3306 - j ACCEPT
-a INPUT -p TCP -m state - the state NEW -m TCP -- dport 5672 - j ACCEPT
-a INPUT -p TCP -m state - the state NEW -m TCP -- dport 15672 - j ACCEPT
-a INPUT -p TCP -m state - the state NEW -m TCP -- dport 6379 - j ACCEPT
COMMIT
# Completed on Wed Apr 15 21:27:34 2020

cat/etc/SSH/sshd_config 
 
# $OpenBSD: the sshd_config, v 1.100 2016/08/15 12:32:04 naddy Exp $

# This is the SSHD server system - wide configuration file. See 
# sshd_config (5) for more information. 

# This SSHD was compiled with PATH=/usr/local/bin:/usr/bin 

# The strategy, informs The for The options in The default sshd_config shipped with 
# OpenSSH is to specify the options with their default value where 
# possible, but leave them commented. Uncommented options override the 
# the default value. 

# If you want to change the port on a SELinux system, you have to tell 
# SELinux about this change. 
# semanage port - a - t ssh_port_t -p TCP # PORTNUMBER 
# 
# Port 22 
# AddressFamily any 
# ListenAddress 0.0.0.0 
# ListenAddress: : 

HostKey/etc/SSH/ssh_host_rsa_key 
# HostKey/etc/SSH/ssh_host_dsa_key 
HostKey/etc/SSH/ssh_host_ecdsa_key 
HostKey/etc/SSH/ssh_host_ed25519_key 

# Ciphers and keying 
# RekeyLimit default none 

# Logging 
# SyslogFacility AUTH 

# LogLevel INFO 

# Authentication: 

The LoginGraceTime 120 m 
PermitRootLogin yes 
StrictModes yes 
6 # MaxAuthTries 
# MaxSessions 10 

# PubkeyAuthentication yes 

# The default is to check both. SSH/authorized_keys. And SSH/authorized_keys2 
# but this is overridden so installations will only check. SSH/authorized_keys 
AuthorizedKeysFile. SSH/authorized_keys 

# AuthorizedPrincipalsFile none 

# AuthorizedKeysCommand none 
# AuthorizedKeysCommandUser nobody 

# For this to work you will also need the host keys in/etc/SSH/ssh_known_hosts 
# HostbasedAuthentication no 
# Change to yes if you don 't trust ~/. SSH/known_hosts for 
# HostbasedAuthentication 
# IgnoreUserKnownHosts no 
# Don 't read the user' s ~/. Rhosts and ~/. Shosts files 
# IgnoreRhosts yes 

# To disable tunneled the clear text passwords, change To the no here! 
# PermitEmptyPasswords no 


# Change to no to disable s/key passwords 
# ChallengeResponseAuthentication yes 
ChallengeResponseAuthentication no 

# Kerberos options 
# KerberosAuthentication no 
# KerberosOrLocalPasswd yes 
# KerberosTicketCleanup yes 
# KerberosGetAFSToken no 
# KerberosUseKuserok yes 

# GSSAPI options 
GSSAPIAuthentication yes 
GSSAPICleanupCredentials no 
# GSSAPIStrictAcceptorCheck yes 
# GSSAPIKeyExchange no 
# GSSAPIEnablek5users no 

# Set this to 'yes' to enable the PAM authentication, account processing, 
# and session processing. If this is enabled, the PAM authentication will 
# be allowed through the ChallengeResponseAuthentication and 
# the PAM authentication via ChallengeResponseAuthentication may bypass 
# the setting of "PermitRootLogin without - password". 
# If you just want the PAM account and session checks to run without 
# and ChallengeResponseAuthentication to 'no'. 
# WARNING: 'UsePAM no' is not supported in Red Hat Enterprise Linux and may cause several 
# the problems. 
UsePAM yes 

# AllowAgentForwarding yes 
# AllowTcpForwarding yes 
# GatewayPorts no 
X11Forwarding yes 
# X11DisplayOffset 10 
# X11UseLocalhost yes 
# PermitTTY yes 
# PrintMotd yes 
# PrintLastLog yes 
# TCPKeepAlive yes 
# UseLogin no 
# UsePrivilegeSeparation sandbox 
# PermitUserEnvironment no 
# Compression will of 
# ClientAliveInterval 0 
3 # ClientAliveCountMax 
# ShowPatchLevel no 
nullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnullnull

Page link:https//www.codepudding.com/os/104089.html

Prev:Client isolation can't point in virtual machine Settings
Next:The ls/MNT/cdrom, according to the input and output error
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding