Solaris 10下开启Root远程访问的步骤

Solaris 10下开启root远程访问的步骤

首先，找到/etc/ssh/sshd_config文件，找到PermitRootLogin那行。看看该关键字后面跟的是“yes”，还是“no”。“yes”代表允许非本机使用ssh访问Solaris；“no”代表不允许非本机通过ssh访问Solaris服务器。

其次，把“yes”、“no”修改为预期要修改的结果。

最后，用命令“svcadm restart ssh”重启服务就可以了。

操作代码如下：

bash-3.00# grep PermitRootLogin /etc/ssh/sshd_config

PermitRootLogin no

bash-3.00# vi /etc/ssh/sshd_config

"/etc/ssh/sshd_config" 156 行，5026 字符

#

# Copyright 2009 Sun Microsystems, Inc. All rights reserved.

# Use is subject to license terms.

#

# ident "@(#)sshd_config 1.9 09/04/30 SMI"

#

# Configuration file for sshd(1m)

# Protocol versions supported

#

# The sshd shipped in this release of Solaris has support for major versions

# 1 and 2. It is recommended due to security weaknesses in the v1 protocol

# that sites run only v2 if possible. Support for v1 is provided to help sites

# with existing ssh v1 clients/servers to transition.

# Support for v1 may not be available in a future release of Solaris.

#

# To enable support for v1 an RSA1 key must be created with ssh-keygen(1).

# RSA and DSA keys for protocol v2 are created by /etc/init.d/sshd if they

# do not already exist, RSA1 keys for protocol v1 are not automatically created.

# Uncomment ONLY ONE of the following Protocol statements.

# Only v2 (recommended)

Protocol 2

# Both v1 and v2 (not recommended)

#Protocol 2,1

# Only v1 (not recommended)

#Protocol 1

# Listen port (the IANA registered port number for ssh is 22)

Port 22

# The default listen address is all interfaces, this may need to be changed

# if you wish to restrict the interfaces sshd listens on for a multi homed host.

# Multiple ListenAddress entries are allowed.

/PermitRootLogin no

# To disable tunneled clear text passwords, change PasswordAuthentication to no.

PasswordAuthentication yes

# Use PAM via keyboard interactive method for authentication.

# Depending on the setup of pam.conf(4) this may allow tunneled clear text

# passwords even when PasswordAuthentication is set to no. This is dependent

# on what the individual modules request and is out of the control of sshd

# or the protocol.

PAMAuthenticationViaKBDInt yes

# Are root logins permitted using sshd.

# Note that sshd uses pam_authenticate(3PAM) so the root (or any other) user

# maybe denied access by a PAM module regardless of this setting.

# Valid options are yes, without-password, no.

PermitRootLogin yes

# sftp subsystem

Subsystem sftp /usr/lib/ssh/sftp-server

# SSH protocol v1 specific options

#

# The following options only apply to the v1 protocol and provide

# some form of backwards compatibility with the very weak security

# of /usr/bin/rsh. Their use is not recommended and the functionality

# will be removed when support for v1 protocol is removed.

# Should sshd use .rhosts and .shosts for password less authentication.

IgnoreRhosts yes

RhostsAuthentication no

"/etc/ssh/sshd_config" 158 行，5030 字符

bash-3.00# svcadm restart ssh