Hello Friends, Next we are going to discuss about SSH we can say secure shell server , Basically it a Remote login utility which is used to connect Remotely with other system. This utility works as Telnet but the key difference is it has security features & has data encryption scheme.
Type:System V-managed service
Package: openssh-server ( for server ) & openssh-clients ( for Client )
Daemon:/usr/sbin/vsftpd
Script:/etc/init.d/vsftpd
Ports:22
Configuration files:/etc/ssh/sshd_config,/etc/ssh/ssh_config,
Log:/var/log/xferlog
Related:tcp_wrappers,ip_conntrack_ftp,ip_nat_ftp
default selinux daemon= /var/ftp
Step 1: we need to login as root privilages & then to install sshd server type yum install openssh-server
Step 2: now we need to install Client for sshd server so type yum install openssh-client
Now after installation start service by service sshd start
here is our sshd dir in /etc/ssh
customize sshd.config & ssh.config file accordingly if we want to run ssh on other port then we just need to change Port 22 to other on which we want to run ssh & uncomment it ( remove # ). now we need to login to our ssh server by ssh username@server_ip_address with default port 22. else if you are using user defined port then ssh -p port_no username@server_ip_address
:') > Now let's understand RSA ( Rivest-Shamir-Adleman ) key authentication for ssh access : here we comes with security while remote connection, RSA provide us secure data transmission over internet for more info about RSA google it. so we want to setup RSA key for any user for example if i want to setup for user "nullport" & when we try to login as nullport user then it simply loged in without password basically here we generates two files in /home/user/.ssh folder where one is public key file (id_rsa.pub) & other is identification file ( id_rsa )
Here is our public key & Identification file ..
ok now play with config file
Our ssh config file is here # /etc/ssh/sshd_config
we need to change the ssh port no. from sshd_config file just we need to uncomment it & replace ssh port no (by default 22) we can define what ever we need, Let's we config it at port no. 2222, we can define the ListenAddress of our machine so that we can only access in a particular network by default it is 0.0.0.0 i.e we can access it from anywhere & from any network.
we have by default PermitRootLogin yes we have to No or by default this option is like #PermitRootLogin yes Remove # & set it to NO it & we need to define our own root user by adding a single Line AllowUsers nullport now only user nullport have root access to our system we need to save the config file & restart the service by command service sshd restart now we don't have login permissions with root users too as we try to login as root user with ssh root@192.168.56.101 & when we apply the password then we get nothing it give us a message access denied & when we try with our user nullport we define it in config file then we can logged it the machine remotely by ssh nullport@192.168.56.101 then we can logged in. as we know only the root user can change everything in our machine but remotely we can't logged in as root privileges.
One more thing i want to discuss with you if we define our own port no then we need to define it while logged in remotely as ssh nullport@192.168.56.101 -p 2222 suppose here we define our port no 2222 in our config file.
here we can use putty from windows ,
*** we just avoid hackers to root the server :') not fully but if he is not much expert then we can avoid him "Hackers are the Power"
so this is our short tutorial on ssh Remote login utility ....
Type:System V-managed service
Package: openssh-server ( for server ) & openssh-clients ( for Client )
Daemon:/usr/sbin/vsftpd
Script:/etc/init.d/vsftpd
Ports:22
Configuration files:/etc/ssh/sshd_config,/etc/ssh/ssh_config,
Log:/var/log/xferlog
Related:tcp_wrappers,ip_conntrack_ftp,ip_nat_ftp
default selinux daemon= /var/ftp
Step 1: we need to login as root privilages & then to install sshd server type yum install openssh-server
Step 2: now we need to install Client for sshd server so type yum install openssh-client
Now after installation start service by service sshd start
here is our sshd dir in /etc/ssh
customize sshd.config & ssh.config file accordingly if we want to run ssh on other port then we just need to change Port 22 to other on which we want to run ssh & uncomment it ( remove # ). now we need to login to our ssh server by ssh username@server_ip_address with default port 22. else if you are using user defined port then ssh -p port_no username@server_ip_address
:') > Now let's understand RSA ( Rivest-Shamir-Adleman ) key authentication for ssh access : here we comes with security while remote connection, RSA provide us secure data transmission over internet for more info about RSA google it. so we want to setup RSA key for any user for example if i want to setup for user "nullport" & when we try to login as nullport user then it simply loged in without password basically here we generates two files in /home/user/.ssh folder where one is public key file (id_rsa.pub) & other is identification file ( id_rsa )
Here is our public key & Identification file ..
ok now play with config file
Our ssh config file is here # /etc/ssh/sshd_config
we need to change the ssh port no. from sshd_config file just we need to uncomment it & replace ssh port no (by default 22) we can define what ever we need, Let's we config it at port no. 2222, we can define the ListenAddress of our machine so that we can only access in a particular network by default it is 0.0.0.0 i.e we can access it from anywhere & from any network.
we have by default PermitRootLogin yes we have to No or by default this option is like #PermitRootLogin yes Remove # & set it to NO it & we need to define our own root user by adding a single Line AllowUsers nullport now only user nullport have root access to our system we need to save the config file & restart the service by command service sshd restart now we don't have login permissions with root users too as we try to login as root user with ssh root@192.168.56.101 & when we apply the password then we get nothing it give us a message access denied & when we try with our user nullport we define it in config file then we can logged it the machine remotely by ssh nullport@192.168.56.101 then we can logged in. as we know only the root user can change everything in our machine but remotely we can't logged in as root privileges.
One more thing i want to discuss with you if we define our own port no then we need to define it while logged in remotely as ssh nullport@192.168.56.101 -p 2222 suppose here we define our port no 2222 in our config file.
here we can use putty from windows ,
*** we just avoid hackers to root the server :') not fully but if he is not much expert then we can avoid him "Hackers are the Power"
so this is our short tutorial on ssh Remote login utility ....
No comments:
Post a Comment