port 22 HowTo - Linux / Unix Q & A from nixCraft

Carry Private SSH RSA / DSA Key For Connection Using Unix / Linux Shell Script

last updated March 27, 2012 in OpenBSD, UNIX

How do I add my RSA or DSA keyfile in shell script itself for the connection so that I need to carry only one file on my USB pen drive instead of $HOME/.ssh/id_rsa file under Unix / Linux operating systems?

Linux: Block Port With IPtables

last updated August 25, 2016 in CentOS, Debian / Ubuntu, Iptables, Linux, RedHat and Friends, Suse

How do I block port number with iptables under Linux operating systems?

OpenSSH Hide Version Number From Clients

last updated September 13, 2010 in UNIX

How do I hide ssh number from clients? When I type the following command it displays server version number to end users:

ssh -v server2.example.com

OpenSSH_5.3p1 Debian-3ubuntu4, OpenSSL 0.9.8k 25 Mar 2009
debug1: Reading configuration data /home/vivek/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to server2.example.com [123.x.y.z] port 22.
debug1: Connection established.
debug1: identity file /home/vivek/.ssh/identity type -1
debug1: identity file /home/vivek/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /home/vivek/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3
debug1: match: OpenSSH_4.3 pat OpenSSH_4*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu4

telnet server2.example.com 22
Trying 123.x.y.z...
Connected to v.txvip1.
Escape character is '^]'.
SSH-2.0-OpenSSH_4.3

Why does OpenSSH server report its version to clients?

CentOS SSH Installation And Configuration

last updated March 14, 2010 in CentOS

How do I install and configure ssh server and client under CentOS Linux operating systems?

Monit: Monitor SSHD Server and Auto Restart SSH If It Does Not Respond

last updated October 7, 2008 in CentOS, Debian / Ubuntu, FreeBSD, Linux, Networking, OpenBSD, RedHat and Friends, Solaris-Unix, Suse, Ubuntu Linux

Q. How do I monitor my ssh server with monit? How do I restart ssh server if it does not respond or dead due to any issues under Linux?

Iptables is not sending LOG to syslog file

last updated November 22, 2007 in Iptables, Linux, Security, Troubleshooting

Q. I am running SSH/MySQL/Webserver and setup iptables based firewall. But my logs are send to console rather than the system log files. How do make sure that iptables LOG target messages are send to /var/log/messages file?

A. IPTABLES LOG module turns on kernel logging of matching packets. When this option is set for a rule, the Linux kernel will print some information on all matching packets (like most IP header fields) via the kernel log where it can be read with
dmesg or syslogd.

You can configure level of logging with an option called –log-level level. For example, drop and LOG all incoming port 22 TCP, message:
iptables -I OUTPUT -j LOG --log-level crit -p tcp --dport 22

Read man pages of iptables and syslog.conf for more info.

Restrict SSH Access Using tcpd (TCPWrapper) on Linux or Unix

last updated November 6, 2015 in CentOS, Debian / Ubuntu, FreeBSD, Linux, Security, UNIX

How do I use tcpd on a Linux to restrict ssh access?
Continue reading