@ -274,6 +274,12 @@ Specifies the fingerprint of the `TLS Client Hello` message. When empty, fingerp
This feature only **simulates** the fingerprint of `TLS Client Hello` message, leaving other behaviours the same as vanilla Go TLS. If you want to simulate a browser `TLS` more completely, use the [Browser Dialer](./transports/websocket.md#browser-dialer).
:::
::: tip
When using this feature, some TLS options that affect the TLS fingerprint will be overridden by the utls library and will no longer be effective, such as ALPN.
Specifies the SHA256 hash values of the certificate chain of the remote server, using the standard encoding format. Only when the hash value of the server-side certificate chain matches any of the specified can a TLS connection be successfully established.
@ -87,6 +87,12 @@ This article uses `9753` as an example, which means that with the release of thi
- If you observed carefully in step 3, you would have noticed that saving is not done by the common `ctrl+s`.
- The correct shortcut keys: save is `ctrl+o` + `enter`, and exit is `ctrl+x`.
- (For some operating systems) Add a firewall rule to set the new SSH port, otherwise, you won't be able to log in via SSH after the instance restarts.
- For example, on Ubuntu using ufw.
```shell
sudo ufw allow 9753/tcp
```
7. The last thing we need to do is to [restart the SSH service to make the changes take effect].
@ -94,7 +100,7 @@ This article uses `9753` as an example, which means that with the release of thi
systemctl restart ssh
```
This is a shell command to restart the SSH service.
Then you can try opening a new session in your SSH software to check if you can connect. If there are any issues, you can modify the configuration through the old SSH session (SSH connections that are already open will not be closed when restarting sshd).
8. The complete process demonstration is as follows:
mmmray
4 months ago