Chinaunix首页 | 论坛 | 博客
  • 博客访问: 774524
  • 博文数量: 160
  • 博客积分: 2516
  • 博客等级: 大尉
  • 技术积分: 1511
  • 用 户 组: 普通用户
  • 注册时间: 2004-10-24 17:58
文章分类

全部博文(160)

文章存档

2019年(2)

2018年(3)

2017年(15)

2016年(3)

2015年(11)

2014年(3)

2013年(1)

2012年(3)

2011年(17)

2010年(25)

2009年(17)

2008年(13)

2007年(14)

2006年(21)

2005年(10)

2004年(2)

分类: LINUX

2017-08-30 16:34:13


点击(此处)折叠或打开

  1. group: sftp:x:501:
  2. user: vue:x:501:501::/data/webapps/oa/ROOT:/bin/false


点击(此处)折叠或打开

  1. # $OpenBSD: sshd_config,v 1.80 2008/07/02 02:24:18 djm Exp $
  2. # This is the sshd server system-wide configuration file. See
  3. # sshd_config(5) for more information.
  4. # This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin
  5. # The strategy used for options in the default sshd_config shipped with
  6. # OpenSSH is to specify options with their default value where
  7. # possible, but leave them commented. Uncommented options change a
  8. # default value.
  9. Port 52525
  10. #ListenAddress 0.0.0.0
  11. #ListenAddress ::
  12. # Disable legacy (protocol version 1) support in the server for new
  13. # installations. In future the default will change to require explicit
  14. # activation of protocol 1
  15. Protocol 2
  16. # HostKey for protocol version 1
  17. #HostKey /etc/ssh/ssh_host_key
  18. # HostKeys for protocol version 2
  19. #HostKey /etc/ssh/ssh_host_rsa_key
  20. #HostKey /etc/ssh/ssh_host_dsa_key
  21. # Lifetime and size of ephemeral version 1 server key
  22. #KeyRegenerationInterval 1h
  23. #ServerKeyBits 1024
  24. # Logging
  25. # obsoletes QuietMode and FascistLogging
  26. #LogLevel INFO
  27. # Authentication:
  28. #LoginGraceTime 2m
  29. #StrictModes yes
  30. #MaxAuthTries 6
  31. #MaxSessions 10
  32. #RSAAuthentication yes
  33. #PubkeyAuthentication yes
  34. #AuthorizedKeysFile .ssh/authorized_keys
  35. #AuthorizedKeysCommand none
  36. #AuthorizedKeysCommandRunAs nobody
  37. # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
  38. #RhostsRSAAuthentication no
  39. # similar for protocol version 2
  40. #HostbasedAuthentication no
  41. # Change to yes if you don't trust ~/.ssh/known_hosts for
  42. # RhostsRSAAuthentication and HostbasedAuthentication
  43. #IgnoreUserKnownHosts no
  44. # Don't read the user's ~/.rhosts and ~/.shosts files
  45. #IgnoreRhosts yes
  46. # To disable tunneled clear text passwords, change to no here!
  47. #PermitEmptyPasswords no
  48. # Change to no to disable s/key passwords
  49. #ChallengeResponseAuthentication yes
  50. ChallengeResponseAuthentication no
  51. # Kerberos options
  52. #KerberosAuthentication no
  53. #KerberosOrLocalPasswd yes
  54. #KerberosTicketCleanup yes
  55. #KerberosGetAFSToken no
  56. #KerberosUseKuserok yes
  57. # GSSAPI options
  58. #GSSAPIAuthentication no
  59. GSSAPIAuthentication yes
  60. #GSSAPICleanupCredentials yes
  61. GSSAPICleanupCredentials yes
  62. #GSSAPIStrictAcceptorCheck yes
  63. #GSSAPIKeyExchange no
  64. # Set this to 'yes' to enable PAM authentication, account processing,
  65. # and session processing. If this is enabled, PAM authentication will
  66. # be allowed through the ChallengeResponseAuthentication and
  67. # PAM authentication via ChallengeResponseAuthentication may bypass
  68. # If you just want the PAM account and session checks to run without
  69. # and ChallengeResponseAuthentication to 'no'.
  70. #UsePAM no
  71. UsePAM yes
  72. # Accept locale-related environment variables
  73. AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
  74. AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
  75. AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
  76. AcceptEnv XMODIFIERS
  77. #AllowAgentForwarding yes
  78. #AllowTcpForwarding yes
  79. #GatewayPorts no
  80. #X11Forwarding no
  81. X11Forwarding yes
  82. #X11DisplayOffset 10
  83. #X11UseLocalhost yes
  84. #PrintMotd yes
  85. #PrintLastLog yes
  86. #TCPKeepAlive yes
  87. #UseLogin no
  88. #UsePrivilegeSeparation yes
  89. #PermitUserEnvironment no
  90. #Compression delayed
  91. #ClientAliveInterval 0
  92. #ClientAliveCountMax 3
  93. #ShowPatchLevel no
  94. #PidFile /var/run/sshd.pid
  95. #MaxStartups 10:30:100
  96. #PermitTunnel no
  97. #ChrootDirectory none
  98. UseDNS no
  99. AddressFamily inet
  100. PermitRootLogin yes
  101. SyslogFacility AUTHPRIV
  102. PasswordAuthentication yes
  103. ClientAliveInterval 60
  104. ClientAliveCountMax 3
  105. # no default banner path
  106. #Banner none
  107. # override default of no subsystems
  108. # yuanzy Subsystem sftp /usr/libexec/openssh/sftp-server
  109. Subsystem sftp internal-sftp
  110. Match Group sftp
  111. X11Forwarding no
  112. AllowTcpForwarding no
  113. ChrootDirectory /data/webapps/oa
  114. ForceCommand internal-sftp
  115. # Example of overriding settings on a per-user basis
  116. #Match User anoncvs
  117. # X11Forwarding no
  118. # AllowTcpForwarding no
  119. # ForceCommand cvs server

点击(此处)折叠或打开

  1. chown -R root.root /data/webapps/oa
  2. chmod -R 755 /data/webapps/oa
  3. chmown -R vue:sftp /data/webapps/oa/ROOT


阅读(864) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~