{"id":150,"date":"2026-05-02T00:13:26","date_gmt":"2026-05-01T22:13:26","guid":{"rendered":"https:\/\/eryann.fr\/?p=150"},"modified":"2026-05-02T14:12:00","modified_gmt":"2026-05-02T12:12:00","slug":"fiche-ssh-installation-et-securisation","status":"publish","type":"post","link":"https:\/\/eryann.fr\/index.php\/linux\/fiche-ssh-installation-et-securisation\/","title":{"rendered":"Fiche SSH : installation et s\u00e9curisation"},"content":{"rendered":"\n<p>Pour les \u00e9tudiants en BTS CIEL ou SIO, SSH est un service critique pour l\u2019administration des syst\u00e8mes.<br>Cette fiche propose une configuration <strong>renforc\u00e9e<\/strong> conforme aux bonnes pratiques de s\u00e9curit\u00e9 et aux attentes d\u2019un audit type Lynis.<\/p>\n\n\n\n<p>Objectifs :<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>s\u00e9curiser l\u2019acc\u00e8s distant<\/li>\n\n\n\n<li>limiter les attaques automatis\u00e9es<\/li>\n\n\n\n<li>appliquer un hardening r\u00e9aliste en environnement professionnel<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"683\" height=\"1024\" src=\"https:\/\/eryann.fr\/wp-content\/uploads\/2026\/05\/a666ba9a-5892-4839-8de3-905bd84b3b6d-683x1024.png\" alt=\"\" class=\"wp-image-151\" srcset=\"https:\/\/eryann.fr\/wp-content\/uploads\/2026\/05\/a666ba9a-5892-4839-8de3-905bd84b3b6d-683x1024.png 683w, https:\/\/eryann.fr\/wp-content\/uploads\/2026\/05\/a666ba9a-5892-4839-8de3-905bd84b3b6d-200x300.png 200w, https:\/\/eryann.fr\/wp-content\/uploads\/2026\/05\/a666ba9a-5892-4839-8de3-905bd84b3b6d-768x1152.png 768w, https:\/\/eryann.fr\/wp-content\/uploads\/2026\/05\/a666ba9a-5892-4839-8de3-905bd84b3b6d.png 1024w\" sizes=\"auto, (max-width: 683px) 100vw, 683px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Configuration compl\u00e8te SSH s\u00e9curis\u00e9e <\/h2>\n\n\n\n<pre class=\"wp-block-code\"><code># =========================================================<br># INSTALLATION<br># =========================================================<br><br>apt update &amp;&amp; apt install openssh-server -y<br><br># =========================================================<br># DEMARRAGE<br># =========================================================<br><br>systemctl enable ssh<br>systemctl start ssh<br><br># =========================================================<br># CONFIGURATION SSH<br># =========================================================<br><br>nano \/etc\/ssh\/sshd_config<br><br># =========================================================<br># PARAMETRES DE BASE<br># =========================================================<br><br>Port 2222<br>Protocol 2<br><br># =========================================================<br># AUTHENTIFICATION<br># =========================================================<br><br>PermitRootLogin no<br>PasswordAuthentication no<br>PermitEmptyPasswords no<br><br># Limiter les utilisateurs<br>AllowUsers user1 user2<br><br># =========================================================<br># GESTION DES TENTATIVES<br># =========================================================<br><br>MaxAuthTries 3<br>LoginGraceTime 30<br><br># =========================================================<br># TIMEOUT SESSION<br># =========================================================<br><br>ClientAliveInterval 300<br>ClientAliveCountMax 2<br><br># =========================================================<br># CHIFFREMENT (HARDENING)<br># =========================================================<br><br>Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes256-ctr<br>MACs hmac-sha2-512,hmac-sha2-256<br>KexAlgorithms curve25519-sha256@libssh.org<br><br># =========================================================<br># DESACTIVATION FONCTIONS INUTILES<br># =========================================================<br><br>X11Forwarding no<br>AllowTcpForwarding no<br>AllowAgentForwarding no<br>PermitTunnel no<br><br># =========================================================<br># BANNER DE SECURITE<br># =========================================================<br><br>Banner \/etc\/issue.net<br><br># =========================================================<br># RED\u00c9MARRAGE<br># =========================================================<br><br>systemctl restart ssh<br><br># =========================================================<br># CREATION BANNER<br># =========================================================<br><br>nano \/etc\/issue.net<br><br>Acc\u00e8s r\u00e9serv\u00e9 - toute activit\u00e9 est surveill\u00e9e et journalis\u00e9e<br><br># =========================================================<br># AUTHENTIFICATION PAR CLE<br># =========================================================<br><br># Sur le client<br>ssh-keygen -t ed25519<br><br>ssh-copy-id -p 2222 user1@192.168.1.10<br><br># =========================================================<br># PERMISSIONS DES CLES<br># =========================================================<br><br>chmod 700 ~\/.ssh<br>chmod 600 ~\/.ssh\/authorized_keys<br><br># =========================================================<br># TEST<br># =========================================================<br><br>ssh user1@192.168.1.10 -p 2222<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">Explication d\u00e9taill\u00e9e<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">1. S\u00e9curisation de l\u2019acc\u00e8s<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>changement du port \u2192 r\u00e9duit les scans automatis\u00e9s<\/li>\n\n\n\n<li>d\u00e9sactivation root \u2192 emp\u00eache les attaques directes<\/li>\n\n\n\n<li>restriction utilisateurs \u2192 limite la surface d\u2019attaque<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">2. Authentification<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>d\u00e9sactivation mot de passe \u2192 protection contre brute force<\/li>\n\n\n\n<li>utilisation de cl\u00e9s SSH \u2192 authentification forte<\/li>\n\n\n\n<li>ED25519 recommand\u00e9 \u2192 plus rapide et s\u00e9curis\u00e9<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">3. Protection contre attaques<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><code>MaxAuthTries<\/code> \u2192 limite les tentatives<\/li>\n\n\n\n<li><code>LoginGraceTime<\/code> \u2192 r\u00e9duit le temps d\u2019attaque<\/li>\n\n\n\n<li>timeout session \u2192 coupe les connexions inactives<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">4. Hardening cryptographique<\/h3>\n\n\n\n<p>Les param\u00e8tres suivants suppriment les algorithmes faibles :<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><code>Ciphers<\/code> \u2192 chiffrement fort uniquement<\/li>\n\n\n\n<li><code>MACs<\/code> \u2192 int\u00e9grit\u00e9 des \u00e9changes<\/li>\n\n\n\n<li><code>KexAlgorithms<\/code> \u2192 \u00e9change de cl\u00e9s s\u00e9curis\u00e9<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">5. D\u00e9sactivation des fonctionnalit\u00e9s inutiles<\/h3>\n\n\n\n<p>R\u00e9duction de la surface d\u2019attaque :<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>forwarding d\u00e9sactiv\u00e9<\/li>\n\n\n\n<li>tunnel interdit<\/li>\n\n\n\n<li>X11 d\u00e9sactiv\u00e9<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">6. Banner de s\u00e9curit\u00e9<\/h3>\n\n\n\n<p>Permet :<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>conformit\u00e9 r\u00e9glementaire<\/li>\n\n\n\n<li>avertissement l\u00e9gal<\/li>\n\n\n\n<li>tra\u00e7abilit\u00e9<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">7. V\u00e9rification des logs<\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>tail -f \/var\/log\/auth.log<\/code><\/pre>\n\n\n\n<p>Exemple :<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>Failed password for invalid user admin from 192.168.1.60<br>Accepted publickey for user1 from 192.168.1.50<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">8. Compl\u00e9ment recommand\u00e9<\/h3>\n\n\n\n<p>Installer fail2ban pour renforcer la protection et le param\u00e9trer:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>apt install fail2ban -y<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">Bonnes pratiques<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>utiliser uniquement des cl\u00e9s SSH<\/li>\n\n\n\n<li>limiter l\u2019acc\u00e8s par IP (pare-feu)<\/li>\n\n\n\n<li>surveiller les logs r\u00e9guli\u00e8rement<\/li>\n\n\n\n<li>mettre \u00e0 jour le syst\u00e8me<\/li>\n\n\n\n<li>tester apr\u00e8s chaque modification<\/li>\n\n\n\n<li>garder un acc\u00e8s console en cas d\u2019erreur<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">R\u00e9capitulatif des fichiers importants<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>Fichier<\/th><th>R\u00f4le<\/th><\/tr><\/thead><tbody><tr><td>\/etc\/ssh\/sshd_config<\/td><td>configuration serveur SSH<\/td><\/tr><tr><td>\/etc\/ssh\/ssh_config<\/td><td>configuration client<\/td><\/tr><tr><td>\/etc\/issue.net<\/td><td>banni\u00e8re de s\u00e9curit\u00e9<\/td><\/tr><tr><td>~\/.ssh\/authorized_keys<\/td><td>cl\u00e9s autoris\u00e9es<\/td><\/tr><tr><td>\/var\/log\/auth.log<\/td><td>logs SSH<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">Conclusion<\/h2>\n\n\n\n<p>Cette configuration permet d\u2019atteindre un niveau de s\u00e9curit\u00e9 \u00e9lev\u00e9 conforme aux attentes d\u2019un audit type Lynis.<\/p>\n\n\n\n<p>Elle permet :<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>de r\u00e9duire fortement les attaques<\/li>\n\n\n\n<li>de s\u00e9curiser l\u2019acc\u00e8s distant<\/li>\n\n\n\n<li>de r\u00e9pondre aux bonnes pratiques professionnelles<\/li>\n<\/ul>\n\n\n\n<p>C\u2019est une base solide pour un environnement de production ou un projet de cybers\u00e9curit\u00e9.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Pour les \u00e9tudiants en BTS CIEL ou SIO, SSH est un service critique pour l\u2019administration des syst\u00e8mes.Cette fiche propose une configuration renforc\u00e9e conforme aux bonnes pratiques de s\u00e9curit\u00e9 et aux attentes d\u2019un audit type Lynis. Objectifs : Configuration compl\u00e8te SSH s\u00e9curis\u00e9e Explication d\u00e9taill\u00e9e 1. S\u00e9curisation de l\u2019acc\u00e8s 2. Authentification 3. Protection contre attaques 4. Hardening [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[12],"tags":[],"class_list":["post-150","post","type-post","status-publish","format-standard","hentry","category-linux"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Fiche SSH : installation et s\u00e9curisation - Eryann Breizh SecOps<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/eryann.fr\/index.php\/linux\/fiche-ssh-installation-et-securisation\/\" \/>\n<meta property=\"og:locale\" content=\"fr_FR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Fiche SSH : installation et s\u00e9curisation - Eryann Breizh SecOps\" \/>\n<meta property=\"og:description\" content=\"Pour les \u00e9tudiants en BTS CIEL ou SIO, SSH est un service critique pour l\u2019administration des syst\u00e8mes.Cette fiche propose une configuration renforc\u00e9e conforme aux bonnes pratiques de s\u00e9curit\u00e9 et aux attentes d\u2019un audit type Lynis. Objectifs : Configuration compl\u00e8te SSH s\u00e9curis\u00e9e Explication d\u00e9taill\u00e9e 1. S\u00e9curisation de l\u2019acc\u00e8s 2. Authentification 3. Protection contre attaques 4. Hardening [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/eryann.fr\/index.php\/linux\/fiche-ssh-installation-et-securisation\/\" \/>\n<meta property=\"og:site_name\" content=\"Eryann Breizh SecOps\" \/>\n<meta property=\"article:published_time\" content=\"2026-05-01T22:13:26+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-05-02T12:12:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/eryann.fr\/wp-content\/uploads\/2026\/05\/a666ba9a-5892-4839-8de3-905bd84b3b6d.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"1536\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"wpadmin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u00c9crit par\" \/>\n\t<meta name=\"twitter:data1\" content=\"wpadmin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Dur\u00e9e de lecture estim\u00e9e\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/eryann.fr\\\/index.php\\\/linux\\\/fiche-ssh-installation-et-securisation\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/eryann.fr\\\/index.php\\\/linux\\\/fiche-ssh-installation-et-securisation\\\/\"},\"author\":{\"name\":\"wpadmin\",\"@id\":\"https:\\\/\\\/eryann.fr\\\/#\\\/schema\\\/person\\\/d2ee98d2385cd045ed4fe1c07ca320b5\"},\"headline\":\"Fiche SSH : installation et s\u00e9curisation\",\"datePublished\":\"2026-05-01T22:13:26+00:00\",\"dateModified\":\"2026-05-02T12:12:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/eryann.fr\\\/index.php\\\/linux\\\/fiche-ssh-installation-et-securisation\\\/\"},\"wordCount\":366,\"publisher\":{\"@id\":\"https:\\\/\\\/eryann.fr\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/eryann.fr\\\/index.php\\\/linux\\\/fiche-ssh-installation-et-securisation\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/eryann.fr\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/a666ba9a-5892-4839-8de3-905bd84b3b6d-683x1024.png\",\"articleSection\":[\"Linux\"],\"inLanguage\":\"fr-FR\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/eryann.fr\\\/index.php\\\/linux\\\/fiche-ssh-installation-et-securisation\\\/\",\"url\":\"https:\\\/\\\/eryann.fr\\\/index.php\\\/linux\\\/fiche-ssh-installation-et-securisation\\\/\",\"name\":\"Fiche SSH : installation et s\u00e9curisation - Eryann Breizh SecOps\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/eryann.fr\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/eryann.fr\\\/index.php\\\/linux\\\/fiche-ssh-installation-et-securisation\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/eryann.fr\\\/index.php\\\/linux\\\/fiche-ssh-installation-et-securisation\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/eryann.fr\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/a666ba9a-5892-4839-8de3-905bd84b3b6d-683x1024.png\",\"datePublished\":\"2026-05-01T22:13:26+00:00\",\"dateModified\":\"2026-05-02T12:12:00+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/eryann.fr\\\/index.php\\\/linux\\\/fiche-ssh-installation-et-securisation\\\/#breadcrumb\"},\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/eryann.fr\\\/index.php\\\/linux\\\/fiche-ssh-installation-et-securisation\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/eryann.fr\\\/index.php\\\/linux\\\/fiche-ssh-installation-et-securisation\\\/#primaryimage\",\"url\":\"https:\\\/\\\/eryann.fr\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/a666ba9a-5892-4839-8de3-905bd84b3b6d.png\",\"contentUrl\":\"https:\\\/\\\/eryann.fr\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/a666ba9a-5892-4839-8de3-905bd84b3b6d.png\",\"width\":1024,\"height\":1536},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/eryann.fr\\\/index.php\\\/linux\\\/fiche-ssh-installation-et-securisation\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\\\/\\\/eryann.fr\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Fiche SSH : installation et s\u00e9curisation\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/eryann.fr\\\/#website\",\"url\":\"https:\\\/\\\/eryann.fr\\\/\",\"name\":\"Eryann Breizh SecOps\",\"description\":\"Fiches techniques &amp; labs en syst\u00e8mes et r\u00e9seaux poor les \u00e9tudiants en BTS CEIL ET SIO\",\"publisher\":{\"@id\":\"https:\\\/\\\/eryann.fr\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/eryann.fr\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"fr-FR\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/eryann.fr\\\/#organization\",\"name\":\"Breizh Sec Ops\",\"url\":\"https:\\\/\\\/eryann.fr\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/eryann.fr\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/eryann.fr\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/cropped-088112b9-fd28-4b18-b02d-4d9dded3e900-e1777846396685.png\",\"contentUrl\":\"https:\\\/\\\/eryann.fr\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/cropped-088112b9-fd28-4b18-b02d-4d9dded3e900-e1777846396685.png\",\"width\":1246,\"height\":229,\"caption\":\"Breizh Sec Ops\"},\"image\":{\"@id\":\"https:\\\/\\\/eryann.fr\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/eryann.fr\\\/#\\\/schema\\\/person\\\/d2ee98d2385cd045ed4fe1c07ca320b5\",\"name\":\"wpadmin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d71b4031c3d015de3ca68c137413277e548b331b07db0acf781b9379b798eb3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d71b4031c3d015de3ca68c137413277e548b331b07db0acf781b9379b798eb3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d71b4031c3d015de3ca68c137413277e548b331b07db0acf781b9379b798eb3e?s=96&d=mm&r=g\",\"caption\":\"wpadmin\"},\"sameAs\":[\"https:\\\/\\\/eryann.fr\"],\"url\":\"https:\\\/\\\/eryann.fr\\\/index.php\\\/author\\\/wpadmin\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Fiche SSH : installation et s\u00e9curisation - Eryann Breizh SecOps","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/eryann.fr\/index.php\/linux\/fiche-ssh-installation-et-securisation\/","og_locale":"fr_FR","og_type":"article","og_title":"Fiche SSH : installation et s\u00e9curisation - Eryann Breizh SecOps","og_description":"Pour les \u00e9tudiants en BTS CIEL ou SIO, SSH est un service critique pour l\u2019administration des syst\u00e8mes.Cette fiche propose une configuration renforc\u00e9e conforme aux bonnes pratiques de s\u00e9curit\u00e9 et aux attentes d\u2019un audit type Lynis. Objectifs : Configuration compl\u00e8te SSH s\u00e9curis\u00e9e Explication d\u00e9taill\u00e9e 1. S\u00e9curisation de l\u2019acc\u00e8s 2. Authentification 3. Protection contre attaques 4. Hardening [&hellip;]","og_url":"https:\/\/eryann.fr\/index.php\/linux\/fiche-ssh-installation-et-securisation\/","og_site_name":"Eryann Breizh SecOps","article_published_time":"2026-05-01T22:13:26+00:00","article_modified_time":"2026-05-02T12:12:00+00:00","og_image":[{"width":1024,"height":1536,"url":"https:\/\/eryann.fr\/wp-content\/uploads\/2026\/05\/a666ba9a-5892-4839-8de3-905bd84b3b6d.png","type":"image\/png"}],"author":"wpadmin","twitter_card":"summary_large_image","twitter_misc":{"\u00c9crit par":"wpadmin","Dur\u00e9e de lecture estim\u00e9e":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/eryann.fr\/index.php\/linux\/fiche-ssh-installation-et-securisation\/#article","isPartOf":{"@id":"https:\/\/eryann.fr\/index.php\/linux\/fiche-ssh-installation-et-securisation\/"},"author":{"name":"wpadmin","@id":"https:\/\/eryann.fr\/#\/schema\/person\/d2ee98d2385cd045ed4fe1c07ca320b5"},"headline":"Fiche SSH : installation et s\u00e9curisation","datePublished":"2026-05-01T22:13:26+00:00","dateModified":"2026-05-02T12:12:00+00:00","mainEntityOfPage":{"@id":"https:\/\/eryann.fr\/index.php\/linux\/fiche-ssh-installation-et-securisation\/"},"wordCount":366,"publisher":{"@id":"https:\/\/eryann.fr\/#organization"},"image":{"@id":"https:\/\/eryann.fr\/index.php\/linux\/fiche-ssh-installation-et-securisation\/#primaryimage"},"thumbnailUrl":"https:\/\/eryann.fr\/wp-content\/uploads\/2026\/05\/a666ba9a-5892-4839-8de3-905bd84b3b6d-683x1024.png","articleSection":["Linux"],"inLanguage":"fr-FR"},{"@type":"WebPage","@id":"https:\/\/eryann.fr\/index.php\/linux\/fiche-ssh-installation-et-securisation\/","url":"https:\/\/eryann.fr\/index.php\/linux\/fiche-ssh-installation-et-securisation\/","name":"Fiche SSH : installation et s\u00e9curisation - Eryann Breizh SecOps","isPartOf":{"@id":"https:\/\/eryann.fr\/#website"},"primaryImageOfPage":{"@id":"https:\/\/eryann.fr\/index.php\/linux\/fiche-ssh-installation-et-securisation\/#primaryimage"},"image":{"@id":"https:\/\/eryann.fr\/index.php\/linux\/fiche-ssh-installation-et-securisation\/#primaryimage"},"thumbnailUrl":"https:\/\/eryann.fr\/wp-content\/uploads\/2026\/05\/a666ba9a-5892-4839-8de3-905bd84b3b6d-683x1024.png","datePublished":"2026-05-01T22:13:26+00:00","dateModified":"2026-05-02T12:12:00+00:00","breadcrumb":{"@id":"https:\/\/eryann.fr\/index.php\/linux\/fiche-ssh-installation-et-securisation\/#breadcrumb"},"inLanguage":"fr-FR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/eryann.fr\/index.php\/linux\/fiche-ssh-installation-et-securisation\/"]}]},{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/eryann.fr\/index.php\/linux\/fiche-ssh-installation-et-securisation\/#primaryimage","url":"https:\/\/eryann.fr\/wp-content\/uploads\/2026\/05\/a666ba9a-5892-4839-8de3-905bd84b3b6d.png","contentUrl":"https:\/\/eryann.fr\/wp-content\/uploads\/2026\/05\/a666ba9a-5892-4839-8de3-905bd84b3b6d.png","width":1024,"height":1536},{"@type":"BreadcrumbList","@id":"https:\/\/eryann.fr\/index.php\/linux\/fiche-ssh-installation-et-securisation\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/eryann.fr\/"},{"@type":"ListItem","position":2,"name":"Fiche SSH : installation et s\u00e9curisation"}]},{"@type":"WebSite","@id":"https:\/\/eryann.fr\/#website","url":"https:\/\/eryann.fr\/","name":"Eryann Breizh SecOps","description":"Fiches techniques &amp; labs en syst\u00e8mes et r\u00e9seaux poor les \u00e9tudiants en BTS CEIL ET SIO","publisher":{"@id":"https:\/\/eryann.fr\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/eryann.fr\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"fr-FR"},{"@type":"Organization","@id":"https:\/\/eryann.fr\/#organization","name":"Breizh Sec Ops","url":"https:\/\/eryann.fr\/","logo":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/eryann.fr\/#\/schema\/logo\/image\/","url":"https:\/\/eryann.fr\/wp-content\/uploads\/2026\/05\/cropped-088112b9-fd28-4b18-b02d-4d9dded3e900-e1777846396685.png","contentUrl":"https:\/\/eryann.fr\/wp-content\/uploads\/2026\/05\/cropped-088112b9-fd28-4b18-b02d-4d9dded3e900-e1777846396685.png","width":1246,"height":229,"caption":"Breizh Sec Ops"},"image":{"@id":"https:\/\/eryann.fr\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/eryann.fr\/#\/schema\/person\/d2ee98d2385cd045ed4fe1c07ca320b5","name":"wpadmin","image":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/secure.gravatar.com\/avatar\/d71b4031c3d015de3ca68c137413277e548b331b07db0acf781b9379b798eb3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d71b4031c3d015de3ca68c137413277e548b331b07db0acf781b9379b798eb3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d71b4031c3d015de3ca68c137413277e548b331b07db0acf781b9379b798eb3e?s=96&d=mm&r=g","caption":"wpadmin"},"sameAs":["https:\/\/eryann.fr"],"url":"https:\/\/eryann.fr\/index.php\/author\/wpadmin\/"}]}},"_links":{"self":[{"href":"https:\/\/eryann.fr\/index.php\/wp-json\/wp\/v2\/posts\/150","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/eryann.fr\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/eryann.fr\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/eryann.fr\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/eryann.fr\/index.php\/wp-json\/wp\/v2\/comments?post=150"}],"version-history":[{"count":1,"href":"https:\/\/eryann.fr\/index.php\/wp-json\/wp\/v2\/posts\/150\/revisions"}],"predecessor-version":[{"id":152,"href":"https:\/\/eryann.fr\/index.php\/wp-json\/wp\/v2\/posts\/150\/revisions\/152"}],"wp:attachment":[{"href":"https:\/\/eryann.fr\/index.php\/wp-json\/wp\/v2\/media?parent=150"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/eryann.fr\/index.php\/wp-json\/wp\/v2\/categories?post=150"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/eryann.fr\/index.php\/wp-json\/wp\/v2\/tags?post=150"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}