ubuntu16默认使用ufw(Uncomplicated FireWall 继承自 iptables)管理防火墙,使用gufw图形化界面方便管理,
默认情况下openssh-server没有安装。
1.安装gufw
root@ubuntu:/home/dream361# apt-get install gufw
2.查看ufw状态
root@ubuntu:/home/dream361# ufw status
3.安装ssh服务(ubuntu16默认情况下没有安装ssh服务):
root@ubuntu:/home/dream361# apt-get install openssh-server
4.查看ssh服务是否开启(如果监听22端口,则已开启):
root@ubuntu:/home/dream361# netstat -nltp 或者 ps -ef | grep sshd
5.在gufw添加规则,允许接入ssh服务
root@ubuntu:/home/dream361# ufw allow 22
6.客户端连接ssh,报错:server responded algorithm negotiation
解决办法:
修改ssh的配置文件 /etc/ssh/sshd_config
在配置文件sshd_config的末尾添加:
Ciphers aes128-cbc,aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr,3des-cbc,arcfour128,arcfour256,arcfour,blowfish-cbc,cast128-cbc
MACs hmac-md5,hmac-sha1,umac-64@openssh.com ,hmac-ripemd160,hmac-sha1-96,hmac-md5-96
KexAlgorithms diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group1-sha1,curve25519-sha256@libssh.org
7.重启ssh:
root@ubuntu:/home/dream361# service ssh restart