Config ssh access with apache

First, generate the ssh keys and the certificate.

We use a self-signed wildcard certificate here.
Run the following command:

cd /etc/apache2/
mkdir ssl
cd ssl
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt

The last command will prompt some filed for you to input.
The most important one is Common Name, we fix this with a wildcard url, for example: *.unieagle.net
Then the first part is done.

Second, configure the apache

In the /etc/apache2/sites-available, there are your sites configuration files.
Take www.somedomain.com as example, the file should be modified to something like this:


 ServerAdmin someemail@somedomain.com
 ServerName www.somedomain.com
 DocumentRoot /somewhere/the/site/at
 ErrorLog /somewhere/the/site/at/logs/error.log
 CustomLog /somewhere/the/site/at/logs/access.log combined
 SSLEngine On
 SSLCertificateFile /etc/apache2/ssl/apache.crt
 SSLCertificateKeyFile /etc/apache2/ssl/apache.key
 
  SSLRequireSSL On
  SSLVerifyClient optional
  SSLVerifyDepth 1
  SSLOptions +StdEnvVars +StrictRequire
 

Third, restart your apache

service apache2 restart

If you got something wrong, like SSLEngine not valid, you should enable the model first:

a2enmode ssl

“Config ssh access with apache”的一个回复

发表评论

电子邮件地址不会被公开。 必填项已用*标注