RH 253: HOW TO CONFIGURE OPEN SSH

        SSH   

--> Pkg     -openssh
    Daemon  -sshd
    Portnum -22
    Files   -/etc/ssh/sshd_config
            .ssh/*


---> vim /etc/ssh/sshd_config

1. line 13  -> change port num.
   Port  53
   service sshd restart
   

   A client connecting to your machine must then give the port like this:
   ssh  -p 53  <server ip>
   Only then does it connect.


2. line 37   -> Allow/stop user to ssh
   AllowUsers  u1
   DenyUsers   u2
   service sshd restart


   This stops a client from connecting as u2; it can connect only as user u1.


3. line 37   -> Allow/stop groups to ssh


   AllowGroups  asia
   DenyGroups   america
   service sshd restart


   This stops a client from connecting as any member of america; it can
   connect as any member of asia.


4. line 38  -> Login grace time.
   LoginGraceTime 1m 
   service sshd restart


   Once you connect to the ssh server, you have to provide the password within
   a minute, or the connection fails.


5. line 39  -> Root login allowed/not-allowed
   PermitRootLogin no
   service sshd restart


   This stops a client from connecting over ssh as the root user; it can
   connect as a normal user only.


6. line 41  -> Password prompts
   MaxAuthTries 1
   service sshd restart


   The password is prompted only twice, within which the user has to give the
   right password to authenticate.


7. line 96  -> Stop Gui Access


   X11Forwarding no
   service sshd restart


   Though the client connects to your server using ssh -X <server.ip>, they
   won't be able to connect to the GUI of the server.


8.  Generating  Public/Private key

--> To generate the key     ->Generates id_dsa,id_dsa.pub files under .ssh dir
    ssh-keygen  -t   dsa

--> To copy key to client machine   ->copies id_dsa to .ssh of client's machine
    ssh-copy-id  -i   /root/.ssh/id_dsa    <clients.ip>
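
To check that an sshd_config really carries the settings from steps 1 to 7, the script below reads the file by sshd's rules (the first value for a keyword wins, keywords are case-insensitive, and the global section ends at the first Match line). It is an added example, not part of the original post; the function names effective_value and audit_sshd_config and the sample file are made up for illustration.

```shell
# Added example. sshd keeps the FIRST value read for a keyword (case-insensitive).

# Print the effective global value of keyword $2 in file $1 (Include not followed).
effective_value() {
    awk -v want="$2" '
        { sub(/^[ \t]+/, ""); sub(/[ \t]+$/, "") }
        /^#/ || /^$/ { next }
        tolower($1) == "match" { exit }    # global section ends at first Match
        tolower($1) == tolower(want) {     # first occurrence wins
            $1 = ""; sub(/^[ \t]+/, ""); print; exit
        }' "$1"
}

# Print OK/FAIL per keyword; return status = number of mismatches.
audit_sshd_config() {
    bad=0
    while read -r key expected; do
        actual=$(effective_value "$1" "$key")
        if [ "$actual" = "$expected" ]; then
            echo "OK    $key $actual"
        else
            echo "FAIL  $key: want '$expected', found '${actual:-unset}'"
            bad=$((bad + 1))
        fi
    done <<EOF
Port 53
AllowUsers u1
LoginGraceTime 1m
PermitRootLogin no
MaxAuthTries 1
X11Forwarding no
EOF
    return "$bad"
}

# Constructed sample config (not a real server's file).
sample=$(mktemp)
cat > "$sample" <<'EOF'
Port 53
permitrootlogin no
PermitRootLogin yes
X11Forwarding yes
MaxAuthTries 1
#LoginGraceTime 1m
AllowUsers u1
Match User u2
    X11Forwarding no
EOF
audit_sshd_config "$sample" || echo "$? setting(s) differ from the post"
```

Run audit_sshd_config /etc/ssh/sshd_config on the server to check the real file before restarting sshd.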




 

