1. su 사용권한 제한하기

[in4zone.net]# chgrp wheel /bin/su
[in4zone.net]# chmod o-rx /bin/su
[in4zone.net]# chmod u+s /bin/su
[in4zone.net]# vi /etc/group

###################################
#
# wheel:x:10:root,in4zone (추가하기)
#
###################################

2. 파일 접근 제어하기

[in4zone.net]# chmod og-r *
[in4zone.net]# chmod og-r .
[in4zone.net]# chmod og-r ..
[in4zone.net]# chmod 700 /bin/ps
[in4zone.net]# chmod 700 /bin/df
[in4zone.net]# chmod 700 /usr/bin/top
[in4zone.net]# chmod 700 /usr/bin/ntop
[in4zone.net]# chmod 700 /usr/bin/find
[in4zone.net]# chmod 700 /usr/bin/locate
[in4zone.net]# chmod 700 /usr/bin/whereis
[in4zone.net]# chmod 700 /usr/bin/free

3. SSH 설정하기

[in4zone.net]# vi /etc/ssh/sshd_config

#######################################################
#
# Port 22
# Protocol 2,1
# HostKey /etc/ssh/ssh_host_key
# HostKey /etc/ssh/ssh_host_rsa_key
# HostKey /etc/ssh/ssh_host_dsa_key
# KeyRegenerationInterval 3600
# ServerKeyBits 768
# Syslog Facility AUTHPRIV
# LoginGraceTime 600
# PermitRootLogin no
# RSAAuthentication yes
# PubkeyAuthentication yes
# IgnoreRhosts yes
# PasswordAuthentication yes
# PermitEmptyPasswords no
# X11Forwarding no
# Subsystem sftp /usr/libexec/openssh/sftp-server
#
##############################################################

댓글 달기