How to configure /etc/ssh/sshd_config file
https://www.zyxware.com/sites/default/files/styles/user_image/public/default_images/index.png?itok=2YmREnrP
BY sandeep.sasikumar
4 years ago
SSH
0
comments comment

The sshd_config file refers to the main configuration file that allows the user to make the changes in the features of SSH protocol. There are many features for this protocol and these can be made or changed according to the users needs. And by making configuration changes it also allows the user to provide more security to server/system that we are using. Some of the main features are listed below.

 Port 22  

The port option specifies which port the SSH daemon listens for incoming connections. The default port specified for this is port 22.

 ListenAddress  

This address specifies the IP address of the interface network on which ssh server daemon socket is bind. The default ListenAddress is 0.0.0.0.

 ServerKeyBits 1024 

This option is useful when we create the server key. For example: To enable key authentication we usually create the public/private key pair and this option is used when creating this key. From this feature the key is generated with the bits mentioned in this option.

 LoginGrace time 600 

The 'LoginGrace time' option specifies how long the server has to wait untill getting disconnected from the server if the user has not successfully disconnected from the server.

 KeyRegenerationInterval 3600 

The 'KeyRegenerationInterval' option specifies how long the server should wait before it automatically generated the key. The 'KeyRegenerationInterval' is shown in seconds.

 RSAAuthentication yes 

This option specifies to try RSA authentication which provides more security for your servers. This option enables the public and private key pair generated by the ssh-keygen option.

 PermitEmptyPasswords yes 

This option provides login using a null password. This is useful when transfering files between server or while taking an automated backup of the system

 PasswordAuthentication yes 

'PasswordAuthentication' specifies whether we should use password-based authentication. By enabling this option users can login to the system using the password set. As mentioned we can enable both password as well as key based authentication to servers.

 AllowUsers admin  

This option specifies which all users are permitted to login via SSH to the system. We can enable multiple user entries here by adding user names seperated by spaces.

  StrictModes yes 

The 'StrictModes' option specifies whether ssh should check user's permissions in their home directory and also the r hosts files before accepting the login to the system. This option must be enabled as users may leave their folders or files in writable mode for all.

These are some of the main configurations changes that are to be made in the sshd_config file to prevent unwanted logins to the system and also to provide more security for its users.

 PermitRootLogin yes 

This option permits root login via SSH to server. This option should always be set to 'Yes' so as to allow SSH access for the root user to server.


RELATED ARTICLE

more_horiz
close

on 16th November 2012 / by sandeep.sasikumar
Most web developers & system administrators have to do SSH logins to WHM based servers to make the necessary changes there. The default port used for ssh logins is port 22. However there might be unusual circumstances where port 22 is not the default port. In such a scenario we need to identify the default ssh-port used by the server. If you are facing a similar situation then read on to know how to find out the current port being used by SSH on a WHM based server. Linux Networking WHM Network Security cPanel Web Security SSH Leave a reply Your email address will not be published. Required fields are marker * Talu (not verified) access_time 18 Jul 2019 - 19:33 Hi: Thanks for this article, I was forgoten the port of my ssh but in the last version of WHM (11.38.2 build 7) or on my server, the 'ConfigServer Explorer' option is not available so I find the port on the firewall settings 'ConfigServer Security & Firewall' under 'Allow incoming TCP ports' and descarting the default know ports such as ftp, web, etc. http://www.talu.me/ Add new comment
SSH
more_horiz
close

on 14th April 2014 / by sandeep.sasikumar
SSH Protocol's features can be changed using the sshd_config file.The sshd_config file is the ma SSH Leave a reply Your email address will not be published. Required fields are marker *
SSH
more_horiz
close

on 05th February 2015 / by sandeep.sasikumar
The sshd_config file refers to the main configuration file that allows the user to make the changes in the features of SSH protocol. There are many features for this protocol and these can be made or changed according to the users needs. And by making configuration changes it also allows the user to provide more security to server/system that we are using. Some of the main features are listed below. SSH Leave a reply Your email address will not be published. Required fields are marker *
Leave a reply
Your email address will not be published. Required fields are marker *

Filtered HTML

  • Web page addresses and email addresses turn into links automatically.
  • Allowed HTML tags: <a href hreflang> <em> <strong> <cite> <blockquote cite> <code> <ul type> <ol start type='1 A I'> <li> <dl> <dt> <dd> <h2 id='jump-*'> <h3 id> <h4 id> <h5 id> <h6 id>
  • Lines and paragraphs break automatically.
The content of this field is kept private and will not be shown publicly.
CAPTCHA This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.