How do I install OpenSSH sshd server under Debian GNU/Linux operating systems?
You need to use the apt-get or aptitude command to install OpenSSH server under Debian Linux. Open a terminal and type the following command to update package database as root user:
# apt-get update
Task: Install OpenSSH server Under Debian Linux
Type the following command:
# apt-get install openssh-server
Reading package lists... Done Building dependency tree Reading state information... Done Suggested packages: ssh-askpass rssh molly-guard ufw The following NEW packages will be installed: openssh-server 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. Need to get 318 kB of archives. After this operation, 717 kB of additional disk space will be used. Get:1 http://mirror.anl.gov/debian/ squeeze/main openssh-server amd64 1:5.5p1-6+squeeze1 [318 kB] Fetched 318 kB in 3s (89.0 kB/s) Preconfiguring packages ... Selecting previously deselected package openssh-server. (Reading database ... 153448 files and directories currently installed.) Unpacking openssh-server (from .../openssh-server_1%3a5.5p1-6+squeeze1_amd64.deb) ... Processing triggers for man-db ... Setting up openssh-server (1:5.5p1-6+squeeze1) ... Creating SSH2 RSA key; this may take some time ... Creating SSH2 DSA key; this may take some time ... Restarting OpenBSD Secure Shell server: sshd.
By default openssh will run on the TCP port 22. You can verify the same with the following command:
# netstat -tulpn | grep :22
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 3946/sshd tcp6 0 0 :::22 :::* LISTEN 3946/sshd
You can connect to the Openssh server, type:
$ ssh user@localhost
$ ssh user@sever-ip-here
How Do I Start / Stop / Restart OpenSSH Server Under Debian Linux?
Type the following commands as root user:
# service ssh stop
# service ssh start
# service ssh restart
# service ssh status
# /etc/init.d/ssh stop
# /etc/init.d/ssh start
# /etc/init.d/ssh restart
# /etc/init.d/ssh status
How Do I Open Port 22 At The Firewall Level?
Edit your firewall script and append the following rule to restrict access to 192.168.1.0/24:
/sbin/iptables -A INPUT -s 192.168.1.0/24 -m state --state NEW -p tcp --dport 22 -j ACCEPT
Save and close the file. OR, you can type the command as follows and save it to your firewall config file:
# /sbin/iptables -A INPUT -s 192.168.1.0/24 -m state --state NEW -p tcp --dport 22 -j ACCEPT # iptables-save > /path/to/your.firewall.conf
How Do I Configure and Secure OpenSSH Server under Debian Linux?
You need to edit the /etc/ssh/sshd_config file using the text editor such as vi, run:
# vi /etc/ssh/sshd_config
See this article which explains config option to tweak in order to improve OpenSSH server security.