Scribd
Upload
11 views1 page

Chapter9 Configuring and Securing Open SSH Service

The document provides instructions for managing SSH connections, including checking the status of the SSH service, generating SSH keys, and using key-based authentication. It also covers customizing SSH service configurations and the importance of public key verification for security. Additionally, it highlights the use of 'ssh-copy-id' for transferring public keys to remote servers and the implications of private key security.

Uploaded by

officeboyahmad
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
11 views1 page

Chapter9 Configuring and Securing Open SSH Service

The document provides instructions for managing SSH connections, including checking the status of the SSH service, generating SSH keys, and using key-based authentication. It also covers customizing SSH service configurations and the importance of public key verification for security. Additionally, it highlights the use of 'ssh-copy-id' for transferring public keys to remote servers and the implications of private key security.

Uploaded by

officeboyahmad
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 1

[root@server ~]# systemctl status sshd

[root@server ~]# rpm -qa | grep -i ssh


Or)
[root@server ~]# yum search sshd
[abeer@client ~]$ ssh-keygen (Default is RSA)
[abeer@client ~]$ ssh-keygen -t dsa
[abeer@client ~]$ ssh-keygen -t rsa
[abeer@client ~]$ cd .ssh/
[abeer@client ~]$ ssh 192.168.1.10
[abeer@client ~]$ ssh [email protected]
[abeer@client ~]$ ssh [email protected] hostname
[abeer@client ~]$ exit (exit from the SSH session)
[root@server ~]# w
[root@server ~]# who

Note)
- The first time a user uses ssh to connect to a particular server, the ssh command
stores the server's public key in the user's ~/.ssh/known_hosts file. Every time
the user connects after that, the client makes sure it gets the same public key
from the server by comparing the server's entry in the ~/.ssh/known_hosts file to
the public key the server sent. If the keys do not match, the client assumes that
the network traffic is being hijacked or that the server has been compromised, and
breaks the connection.
- Host keys are stored in /etc/ssh/ssh_host_key * on the SSH server.
===================================================================
SSH key-based authentication:
[abeer@client ~]$ ssh-copy-id 192.168.1.1
[abeer@client ~]$ ssh-copy-id [email protected]
[abeer@client ~]$ ssh-copy-id -p 2020 [email protected]
[abeer@client ~]$ ssh-copy-id -i ~/ssh/id_rsa.pub [email protected]

- In the event the private key is stolen, it is very difficult for someone other
than the issuer to use it when protected with a passphrase.
- When the key is copied to another system using ssh-copy-id, it copies the
~/.ssh/id_rsa.pub file by default.

[root@server ~]# cd /home/abeer/.ssh/


authorized_keys

[root@server ~]# ps aux | grep -i ssh


[root@server ~]# kill 8619
===================================================================
Customizing SSH Service Configuration:
[root@server ~]# vim /etc/ssh/sshd_config
#Port 22 (Changes the default port)
#PermitRootLogin yes (Prohibit the root user from logging in using SSH)
PasswordAuthentication yes (Prohibit password authentication using SSH)

[abeer@client ~]$ ssh [email protected] -p 2200


===================================================================

Best wishes:
Abeer :)

You might also like