port 22 – nixCraft

Carry Private SSH RSA / DSA Key For Connection Using Unix / Linux Shell Script

March 27, 2012March 27, 2012in Openbsd, UNIX last updated March 27, 2012

How do I add my RSA or DSA keyfile in shell script itself for the connection so that I need to carry only one file on my USB pen drive instead of $HOME/.ssh/id_rsa file under Unix / Linux operating systems?

Linux: Block Port With IPtables

December 10, 2010August 25, 2016in CentOS, Debian / Ubuntu, Iptables, Linux, RedHat and Friends, Suse last updated August 25, 2016

How do I block port number with iptables under Linux operating systems?

OpenSSH Hide Version Number From Clients

September 13, 2010in UNIX last updated September 13, 2010

How do I hide ssh number from clients? When I type the following command it displays server version number to end users:

ssh -v server2.example.com

OpenSSH_5.3p1 Debian-3ubuntu4, OpenSSL 0.9.8k 25 Mar 2009
debug1: Reading configuration data /home/vivek/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to server2.example.com [123.x.y.z] port 22.
debug1: Connection established.
debug1: identity file /home/vivek/.ssh/identity type -1
debug1: identity file /home/vivek/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /home/vivek/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3
debug1: match: OpenSSH_4.3 pat OpenSSH_4*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu4

telnet server2.example.com 22
Trying 123.x.y.z...
Connected to v.txvip1.
Escape character is '^]'.
SSH-2.0-OpenSSH_4.3

Why does OpenSSH server report its version to clients?

CentOS SSH Installation And Configuration

March 14, 2009March 14, 2010in CentOS last updated March 14, 2010

How do I install and configure ssh server and client under CentOS Linux operating systems?

Monit: Monitor SSHD Server and Auto Restart SSH If It Does Not Respond

March 13, 2008October 7, 2008in CentOS, Debian / Ubuntu, FreeBSD, Linux, Networking, Openbsd, RedHat and Friends, Solaris-Unix, Suse, Ubuntu Linux last updated October 7, 2008

Q. How do I monitor my ssh server with monit? How do I restart ssh server if it does not respond or dead due to any issues under Linux?

Iptables is not sending LOG to syslog file

July 30, 2006November 22, 2007in Iptables, Linux, Security, Troubleshooting last updated November 22, 2007

Q. I am running SSH/MySQL/Webserver and setup iptables based firewall. But my logs are send to console rather than the system log files. How do make sure that iptables LOG target messages are send to /var/log/messages file?

A. IPTABLES LOG module turns on kernel logging of matching packets. When this option is set for a rule, the Linux kernel will print some information on all matching packets (like most IP header fields) via the kernel log where it can be read with
dmesg or syslogd.

You can configure level of logging with an option called –log-level level. For example, drop and LOG all incoming port 22 TCP, message:
iptables -I OUTPUT -j LOG --log-level crit -p tcp --dport 22

Read man pages of iptables and syslog.conf for more info.

Restrict SSH Access Using tcpd (TCPWrapper) on Linux or Unix

January 31, 2006November 6, 2015in CentOS, Debian / Ubuntu, FreeBSD, Linux, Security, UNIX last updated November 6, 2015

How do I use tcpd on a Linux to restrict ssh access?
Continue reading