- useradd rd
- echo "www.elain.org" | passwd --stdin rd
#下載下傳chroot環境
- cd /home
- wget http://ebook.elain.org/tools/chroot_v1.0.tar.gz
- tar zxvf chroot_v1.0.tar.gz
- chown rd.rd /home/chroot/home/rd
- rm -rf chroot_v1.0.tar.gz
#注:以上是我做好的chroot環境,大家可以直接下載下傳使用,也可以自己去做。
#啟用ssh 的chroot
- cat <<EOF>>/etc/ssh/sshd_config
- #chroot
- Match User rd
- ChrootDirectory /home/chroot
- EOF
- /etc/init.d/sshd restart
#挂載日志目錄
- mount --bind /data/logs /home/chroot/home/rd
使用rd登入測試!!!
五、openssh更新(for centos 5.5)
1.更新sshd前準備
- yum -y install gcc* make openssl openssl-devel perl pam pam-devel
- mkdir -p /opt/soft/src && cd /opt/soft/src
- wget http://ftp.bit.nl/mirror/openssh/portable/openssh-5.9p1.tar.gz
#備份現有ssh
- mv /etc/ssh/ /etc/ssh.bak
- cp /etc/init.d/sshd /etc/init.d/sshd.bak
2.安裝sshd
- cd /opt/soft/src
- tar zxf openssh-5.9p1.tar.gz
- cd openssh-5.9p1
- ./configure --prefix=/usr --sysconfdir=/etc/ssh --with-pam --with-zlib --with-md5-passwords
- make
- rpm -e --nodeps openssh-server-4.3p2-41.el5
- rpm -e --nodeps openssh-4.3p2-41.el5
- make install
- mv /etc/init.d/sshd.bak /etc/init.d/sshd
- touch /etc/ssh/ssh_host_ecdsa_key
- touch /etc/ssh/ssh_host_ecdsa_key.pub
- mkdir -p /var/empty/sshd/etc
#重新開機sshd.
- /etc/init.d/sshd restart
更新成功.