How do I install OpenSSH sshd server under Debian GNU/Linux operating systems?
You need to use the apt-get or aptitude command to install OpenSSH server under Debian Linux. Open a terminal and type the following command to update package database as root user:
# apt-get update
Task: Install OpenSSH server Under Debian Linux
Type the following command:
# apt-get install openssh-server
Sample outputs:
Reading package lists... Done Building dependency tree Reading state information... Done Suggested packages: ssh-askpass rssh molly-guard ufw The following NEW packages will be installed: openssh-server 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. Need to get 318 kB of archives. After this operation, 717 kB of additional disk space will be used. Get:1 http://mirror.anl.gov/debian/ squeeze/main openssh-server amd64 1:5.5p1-6+squeeze1 [318 kB] Fetched 318 kB in 3s (89.0 kB/s) Preconfiguring packages ... Selecting previously deselected package openssh-server. (Reading database ... 153448 files and directories currently installed.) Unpacking openssh-server (from .../openssh-server_1%3a5.5p1-6+squeeze1_amd64.deb) ... Processing triggers for man-db ... Setting up openssh-server (1:5.5p1-6+squeeze1) ... Creating SSH2 RSA key; this may take some time ... Creating SSH2 DSA key; this may take some time ... Restarting OpenBSD Secure Shell server: sshd.
By default openssh will run on the TCP port 22. You can verify the same with the following command:
# netstat -tulpn | grep :22
Sample outputs:
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 3946/sshd tcp6 0 0 :::22 :::* LISTEN 3946/sshd
You can connect to the Openssh server, type:
$ ssh user@localhost
$ ssh user@sever-ip-here
How Do I Start / Stop / Restart OpenSSH Server Under Debian Linux?
Type the following commands as root user:
# service ssh stop
# service ssh start
# service ssh restart
# service ssh status
OR
# /etc/init.d/ssh stop
# /etc/init.d/ssh start
# /etc/init.d/ssh restart
# /etc/init.d/ssh status
Sample session:
Click to enlarge the image
How Do I Open Port 22 At The Firewall Level?
Edit your firewall script and append the following rule to restrict access to 192.168.1.0/24:
/sbin/iptables -A INPUT -s 192.168.1.0/24 -m state --state NEW -p tcp --dport 22 -j ACCEPT
Save and close the file. OR, you can type the command as follows and save it to your firewall config file:
# /sbin/iptables -A INPUT -s 192.168.1.0/24 -m state --state NEW -p tcp --dport 22 -j ACCEPT # iptables-save > /path/to/your.firewall.conf
How Do I Configure and Secure OpenSSH Server under Debian Linux?
You need to edit the /etc/ssh/sshd_config file using the text editor such as vi, run:
# vi /etc/ssh/sshd_config
See this article which explains config option to tweak in order to improve OpenSSH server security.
You should follow me on twitter here or grab rss feed to keep track of new changes.
Featured Articles:
- 30 Handy Bash Shell Aliases For Linux / Unix / Mac OS X
- Top 30 Nmap Command Examples For Sys/Network Admins
- 25 PHP Security Best Practices For Sys Admins
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- Linux: 20 Iptables Examples For New SysAdmins
- Top 20 OpenSSH Server Best Security Practices
- Top 20 Nginx WebServer Best Security Practices
- 20 Examples: Make Sure Unix / Linux Configuration Files Are Free From Syntax Errors
- 15 Greatest Open Source Terminal Applications Of 2012
- My 10 UNIX Command Line Mistakes
- Top 10 Open Source Web-Based Project Management Software
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- The Novice Guide To Buying A Linux Laptop
{ 2 comments… read them below or add one }
I had setup as above, but localhost connect or remote I will get the same error:
Read from socket failed: Connection reset by peer
and in verbose mode it is:
Why?
@ Peter Teoh
Look at the line : debug1: Connecting to localhost [::1] port 22.
You will need to edit /etc/ssh/sshd_config amend the line;
#ListenAddress 0.0.0.0
to
ListenAddress YOURSSHSERVERIP
Save, Stop, Start the SSHD service