ssh ключи

$ ssh-keygen -q
$ ssh-copy-id -i ~/.ssh/id_rsa.pub host

remote tar

#get
$ ssh user@host "tar zcf - /var/lib/mysql" > file.tar.gz

#send
$ tar zcf - /var/lib/mysql | ssh user@host "cat > file.tar.gz"

ssh su X forwarding

Подключение:
ssh -X host

Вывод COOKIE:
xauth list

Смена пользователя
su

Добавление COOKIE:
xauth add COOKIE

Setting UMASK for SFTP users

Add this line to /etc/pam.d/sshd:

session    optional     pam_umask.so umask=0002

Protect SSH by fail2ban on centos 7

yum install -y fail2ban
cat >> /etc/fail2ban/jail.d/customisation.local <<EOF
[sshd]
enabled = true
EOF
systemctl enable fail2ban
systemctl start fail2ban
fail2ban-client status sshd

User tags

lxc elliptics opreport gpg xfs virsh dhclient lstat dhcp dstat quagga su asoundrc soa xhost virt-install find puppet opcontrol CentOS debian shorewall virtualbox vlan grub raid freedos git ip arch swap tzdata rpm LSI Swift ipmitool HTTPS keyboard debootstrap iowait nvidia newgrp core dump alsa fail2ban ipmi centos 7 nginx jackd arp pam glusterfs htop tool boot php search SpamAssassin fio Areca bonding taskset ssh vim dpkg mkfs equalizer tiger wordpress regex gdb radeon sysresccd cache sftp rtl8723be corosync firefox sysctl iops routing mdadm PXE security erase dns CPAN cpanm usb mount HDFS in-addr.arpa Salt ardour MODx SSD OpenSSL .htaccess alien conntrack sg exim4 bind cpu dovecot groups shellshock etch drupal gre flash AMD lubuntu iptables SuperMicro limit_conn nfs4 bridge zRam encrypt exim netfilter hdparm arping 3Ware gtk noop RT graylog2 fido7 DRBD mariadb sysrq build tar source rkhunter perlbrew sysfs storage idmapd top wget xen deb iSCSI tun /etc/network/interfaces raid5 tftp vrrpd ddos video sublime vrrp java bacula numa perl vtysh rtsp sysctl.conf pulseaudio cluster squeeze tin youtube glxinfo docker-compose qemu chromium LVM proxy cgroups apt ps Adaptec bash KVM initrd oprofile xargs cfq profiling APU docker slab lts pacemaker kernel pvmove ansible lenny OpenStack bug replication leap second rsync munin chroot mysql backup route performance hotplug bscan backtrace scsi language SYN parallel ubuntu cpu usage MegaRAID ha iostat NFS StorMan openvpn apache ulimit X forwarding qcow2 PTR