Поиск  Пользователи  Правила 
Закрыть
Логин:
Пароль:
Забыли свой пароль?
Войти
 
Страницы: 1
RSS
Конфиги, логи и пароли к ftpd и OpenSSH, Для FreeBSD
 
Где собственно лежит это всё?

ftpd - стандартный фряховский

Логи ftpd совместно с syslog идут по-дефолту как понял... а остальное?
"Красота - как специи, которые хорошую еду делают ещё вкуснее, а без еды есть невозможно."
 
В линухе с openssh :
1. Основные конфиги - /etc/ssh/ : ssh_config - клиентская часть, sshd_config - сервера.
2. Затрагиваемые файлы (выдержка из мана) :

    $HOME/.ssh/known_hosts
    Records host keys for all hosts the user has logged into that are
    not in /etc/ssh_known_hosts.  See sshd(8).

    $HOME/.ssh/identity, $HOME/.ssh/id_dsa, $HOME/.ssh/id_rsa
    Contains the authentication identity of the user. They are for
    protocol 1 RSA, protocol 2 DSA, and protocol 2 RSA, respectively.
    These files contain sensitive data and should be readable by the
    user but not accessible by others (read/write/execute).  Note
    that ssh ignores a private key file if it is accessible by oth-
    ers.  It is possible to specify a passphrase when generating the
    key; the passphrase will be used to encrypt the sensitive part of
    this file using 3DES.

    $HOME/.ssh/identity.pub, $HOME/.ssh/id_dsa.pub, $HOME/.ssh/id_rsa.pub
    Contains the public key for authentication (public part of the
    identity file in human-readable form).  The contents of the
    $HOME/.ssh/identity.pub file should be added to the file
    $HOME/.ssh/authorized_keys on all machines where the user wishes
    to log in using protocol version 1 RSA authentication.  The con-
    tents of the $HOME/.ssh/id_dsa.pub and $HOME/.ssh/id_rsa.pub file
    should be added to $HOME/.ssh/authorized_keys on all machines
    where the user wishes to log in using protocol version 2 DSA/RSA
    authentication.  These files are not sensitive and can (but need
    not) be readable by anyone.  These files are never used automati-
    cally and are not necessary; they are only provided for the con-
    venience of the user.

    $HOME/.ssh/config
    This is the per-user configuration file.  The file format and
    configuration options are described in ssh_config(5).  Because of
    the potential for abuse, this file must have strict permissions:
    read/write for the user, and not accessible by others.

    $HOME/.ssh/authorized_keys
    Lists the public keys (RSA/DSA) that can be used for logging in
    as this user.  The format of this file is described in the
    sshd(8) manual page.  In the simplest form the format is the same
    as the .pub identity files.  This file is not highly sensitive,
    but the recommended permissions are read/write for the user, and
    not accessible by others.

    /etc/ssh_known_hosts
    Systemwide list of known host keys.  This file should be prepared
    by the system administrator to contain the public host keys of
    all machines in the organization. This file should be world-
    readable. This file contains public keys, one per line, in the
    following format (fields separated by spaces): system name, pub-
    lic key and optional comment field.  When different names are
    used for the same machine, all such names should be listed, sepa-
    rated by commas.  The format is described in the sshd(8) manual
    page.

    The canonical system name (as returned by name servers) is used
    by sshd(8) to verify the client host when logging in; other names
    are needed because ssh does not convert the user-supplied name to
    a canonical name before checking the key, because someone with
    access to the name servers would then be able to fool host
    authentication.

    /etc/ssh_config
    Systemwide configuration file.  The file format and configuration
    options are described in ssh_config(5).

    /etc/ssh_host_key, /etc/ssh_host_dsa_key, /etc/ssh_host_rsa_key
    These three files contain the private parts of the host keys and
    are used for RhostsRSAAuthentication and HostbasedAuthentication.
    If the protocol version 1 RhostsRSAAuthentication method is used,
    ssh must be setuid root, since the host key is readable only by
    root.  For protocol version 2, ssh uses ssh-keysign(8) to access
    the host keys for HostbasedAuthentication. This eliminates the
    requirement that ssh be setuid root when that authentication
    method is used.  By default ssh is not setuid root.

    $HOME/.rhosts
    This file is used in RhostsRSAAuthentication and
    HostbasedAuthentication authentication to list the host/user
    pairs that are permitted to log in.  (Note that this file is also
    used by rlogin and rsh, which makes using this file insecure.)
    Each line of the file contains a host name (in the canonical form
    returned by name servers), and then a user name on that host,
    separated by a space.  On some machines this file may need to be
    world-readable if the user’s home directory is on a NFS parti-
    tion, because sshd(8) reads it as root.  Additionally, this file
    must be owned by the user, and must not have write permissions
    for anyone else.  The recommended permission for most machines is
    read/write for the user, and not accessible by others.

    Note that sshd(8) allows authentication only in combination with
    client host key authentication before permitting log in.  If the
    server machine does not have the client’s host key in
    /etc/ssh_known_hosts, it can be stored in $HOME/.ssh/known_hosts.
    The easiest way to do this is to connect back to the client from
    the server machine using ssh; this will automatically add the
    host key to $HOME/.ssh/known_hosts.

    $HOME/.shosts
    This file is used exactly the same way as .rhosts. The purpose
    for having this file is to be able to use RhostsRSAAuthentication
    and HostbasedAuthentication authentication without permitting
    login with rlogin or rsh(1).

    /etc/hosts.equiv
    This file is used during RhostsRSAAuthentication and
    HostbasedAuthentication authentication.  It contains canonical
    hosts names, one per line (the full format is described in the
    sshd(8) manual page).  If the client host is found in this file,
    login is automatically permitted provided client and server user
    names are the same.  Additionally, successful client host key
    authentication is required.  This file should only be writable by
    root.

    /etc/shosts.equiv
    This file is processed exactly as /etc/hosts.equiv.  This file
    may be useful to permit logins using ssh but not using
    rsh/rlogin.

    /etc/ssh/sshrc
    Commands in this file are executed by ssh when the user logs in
    just before the user’s shell (or command) is started.  See the
    sshd(8) manual page for more information.

    $HOME/.ssh/rc
    Commands in this file are executed by ssh when the user logs in
    just before the user’s shell (or command) is started.  See the
    sshd(8) manual page for more information.

    $HOME/.ssh/environment
    Contains additional definitions for environment variables, see
    section ENVIRONMENT above.

3. Пишет лог по адресу /var/log/secure
4. Пароли вообще-то не хранит, хранит ключи - см. список файлов п.2
5. man ssh :)
Страницы: 1
Читают тему