Debian Linux Install OpenSSH SSHD Server

by on January 11, 2012 · 2 comments· LAST UPDATED January 11, 2012

in

How do I install OpenSSH sshd server under Debian GNU/Linux operating systems?

You need to use the apt-get or aptitude command to install OpenSSH server under Debian Linux. Open a terminal and type the following command to update package database as root user:
# apt-get update

Task: Install OpenSSH server Under Debian Linux

Type the following command:
# apt-get install openssh-server
Sample outputs:

Reading package lists... Done
Building dependency tree
Reading state information... Done
Suggested packages:
  ssh-askpass rssh molly-guard ufw
The following NEW packages will be installed:
  openssh-server
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 318 kB of archives.
After this operation, 717 kB of additional disk space will be used.
Get:1 http://mirror.anl.gov/debian/ squeeze/main openssh-server amd64 1:5.5p1-6+squeeze1 [318 kB]
Fetched 318 kB in 3s (89.0 kB/s)
Preconfiguring packages ...
Selecting previously deselected package openssh-server.
(Reading database ... 153448 files and directories currently installed.)
Unpacking openssh-server (from .../openssh-server_1%3a5.5p1-6+squeeze1_amd64.deb) ...
Processing triggers for man-db ...
Setting up openssh-server (1:5.5p1-6+squeeze1) ...
Creating SSH2 RSA key; this may take some time ...
Creating SSH2 DSA key; this may take some time ...
Restarting OpenBSD Secure Shell server: sshd.

By default openssh will run on the TCP port 22. You can verify the same with the following command:
# netstat -tulpn | grep :22
Sample outputs:

tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      3946/sshd
tcp6       0      0 :::22                   :::*                    LISTEN      3946/sshd

You can connect to the Openssh server, type:
$ ssh user@localhost
$ ssh user@sever-ip-here

How Do I Start / Stop / Restart OpenSSH Server Under Debian Linux?

Type the following commands as root user:
# service ssh stop
# service ssh start
# service ssh restart
# service ssh status

OR
# /etc/init.d/ssh stop
# /etc/init.d/ssh start
# /etc/init.d/ssh restart
# /etc/init.d/ssh status

Sample session:

Fig.01: OpenSSH under Debian Linux

Click to enlarge the image

How Do I Open Port 22 At The Firewall Level?

Edit your firewall script and append the following rule to restrict access to 192.168.1.0/24:

/sbin/iptables -A INPUT -s 192.168.1.0/24 -m state --state NEW -p tcp --dport 22 -j ACCEPT

Save and close the file. OR, you can type the command as follows and save it to your firewall config file:

# /sbin/iptables -A INPUT -s 192.168.1.0/24 -m state --state NEW -p tcp --dport 22 -j ACCEPT
# iptables-save > /path/to/your.firewall.conf

How Do I Configure and Secure OpenSSH Server under Debian Linux?

You need to edit the /etc/ssh/sshd_config file using the text editor such as vi, run:
# vi /etc/ssh/sshd_config
See this article which explains config option to tweak in order to improve OpenSSH server security.

TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 2 comments… read them below or add one }

1 Peter Teoh July 4, 2012 at 12:23 am

I had setup as above, but localhost connect or remote I will get the same error:

Read from socket failed: Connection reset by peer

and in verbose mode it is:

bt:/root>ssh -vvvv root@localhost
OpenSSH_5.3p1 Debian-3ubuntu6, OpenSSL 0.9.8k 25 Mar 2009
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to localhost [::1] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3p1 Debian-3ubuntu6
debug1: match: OpenSSH_5.3p1 Debian-3ubuntu6 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu6
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug3: Wrote 792 bytes for a total of 831
Read from socket failed: Connection reset by peer
bt:/root>

Why?

Reply

2 Kay October 3, 2012 at 11:25 am

@ Peter Teoh

Look at the line : debug1: Connecting to localhost [::1] port 22.

You will need to edit /etc/ssh/sshd_config amend the line;

#ListenAddress 0.0.0.0

to

ListenAddress YOURSSHSERVERIP

Save, Stop, Start the SSHD service

Reply

Leave a Comment

Tagged as: , , , , , , , ,

Previous Faq:

Next Faq: