≡ Menu

sshd server

CentOS Linux: Start / Stop / Restart SSHD Command

I'm a new CentOS Linux server user. How can I start, stop, or restart the OpenSSH (SSHD) server on a CentOS Linux? How can I start SSHD on boot time on a CentOS Linux?
[click to continue…]

I've ssh gateway behind my NAT firewall. So all users must first login to my gateway host from the internet and then login to other machines on the LAN. This works great for cli based apps. However, few users would like to run x apps from internal LAN hosts and tunnel X display through intermediate ssh gateway and display back output on their local system. For example, from localsystem user makes connection as follows:

ssh -X user@gateway.example.com
ssh -X user@somelan.example.com

X forwarding fails with an error:

Error: Can't open display:

How do I fix this problem and allow users to use X apps with my intermediate Linux / BSD gateway?
[click to continue…]

Q. How do I reuse same ssh connection to speed up remote login procedure with OpenSSH client?
[click to continue…]

How do I block and stop attacks on ssh server under CentOS Linux or Red Hat Enterprise Linux server 5.x?
[click to continue…]

Q. I have just installed Ubuntu 6.06 and I would like to allow remote login to my system from home via ssh. How do I install and configure SSH server?

A. OpenSSH is a FREE version of the SSH connectivity tools that technical users of the Internet rely on. Users of telnet, rlogin, and ftp may not realize that their password is transmitted across the Internet unencrypted, but it is. OpenSSH encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other attacks. Additionally, OpenSSH provides secure tunneling capabilities and several authentication methods, and supports all SSH protocol versions.

Ubuntu SSHD Installation

Type the following two command to install both ssh client and server:
# sudo apt-get install openssh-server openssh-client

SSHD Configuration

To be frank your server is ready by default. Just test it from your home computer or from same system with the command:
# ssh localhost
OR
# ssh user@your-server-ip-address

How do I use ssh client?

Assuming that your server hostname is userver.mydomain.com and username is vivek, you need to type the following command:
# ssh vivek@userver.mydomain.com
To stop ssh server, enter:
# sudo /etc/init.d/ssh stop
To start sshs server, enter:
# sudo /etc/init.d/ssh start
To restart ssh server, enter:
# sudo /etc/init.d/ssh restart

See also:

Restrict ssh access using tcpd (TCPWrapper)

tcpd is use to access control facility for internet services. The tcpd program can be set up to monitor incoming requests for telnet, finger, ftp, exec, rsh, rlogin, tftp, sshd and other services that have a one-to-one mapping onto executable files. Your sshd server must be configuring (compiled with) to support tcpd.

You can find out tcpd (tcpwrapper) support easily with following command:

# strings $(which sshd)| grep libwrap

libwrap.so.0
libwrap refuse returns

If you get output libwrap (as above) then you can use tcpd as follows. Open file /etc/hosts.deny in text editor. This file list of hosts/IPs that are not allowed to access the system. In your case you will block sshd (port 22). Let us say you would like to deny access to IPs 202.54.1.20 64.66.44.22 64.66.44.25.
# vi /etc/hosts.deny Add/append following line to file:sshd: 202.54.1.20 64.66.44.22 64.66.44.25Save and exit to shell prompt. Next make sure your rules are correct with the following command:
# tcpdchk -v
Output:

Using network configuration file: /etc/inetd.conf
>>> Rule /etc/hosts.deny line 20:
daemons:  sshd
clients:  202.54.1.20 64.66.44.22 64.66.44.25
access:   denied

See also: