How to configure /etc/ssh/sshd_config file
https://www.zyxware.com/sites/default/files/styles/user_image/public/default_images/index.png?itok=2YmREnrP
BY sandeep.sasikumar
5 years ago
Technical-Solution
0 comments comment

The sshd_config file refers to the main configuration file that allows the user to make the changes in the features of SSH protocol. There are many features for this protocol and these can be made or changed according to the users needs. And by making configuration changes it also allows the user to provide more security to server/system that we are using. Some of the main features are listed below.

 Port 22  

The port option specifies which port the SSH daemon listens for incoming connections. The default port specified for this is port 22.

 ListenAddress  

This address specifies the IP address of the interface network on which ssh server daemon socket is bind. The default ListenAddress is 0.0.0.0.

 ServerKeyBits 1024 

This option is useful when we create the server key. For example: To enable key authentication we usually create the public/private key pair and this option is used when creating this key. From this feature the key is generated with the bits mentioned in this option.

 LoginGrace time 600 

The 'LoginGrace time' option specifies how long the server has to wait untill getting disconnected from the server if the user has not successfully disconnected from the server.

 KeyRegenerationInterval 3600 

The 'KeyRegenerationInterval' option specifies how long the server should wait before it automatically generated the key. The 'KeyRegenerationInterval' is shown in seconds.

 RSAAuthentication yes 

This option specifies to try RSA authentication which provides more security for your servers. This option enables the public and private key pair generated by the ssh-keygen option.

 PermitEmptyPasswords yes 

This option provides login using a null password. This is useful when transfering files between server or while taking an automated backup of the system

 PasswordAuthentication yes 

'PasswordAuthentication' specifies whether we should use password-based authentication. By enabling this option users can login to the system using the password set. As mentioned we can enable both password as well as key based authentication to servers.

 AllowUsers admin  

This option specifies which all users are permitted to login via SSH to the system. We can enable multiple user entries here by adding user names seperated by spaces.

  StrictModes yes 

The 'StrictModes' option specifies whether ssh should check user's permissions in their home directory and also the r hosts files before accepting the login to the system. This option must be enabled as users may leave their folders or files in writable mode for all.

These are some of the main configurations changes that are to be made in the sshd_config file to prevent unwanted logins to the system and also to provide more security for its users.

 PermitRootLogin yes 

This option permits root login via SSH to server. This option should always be set to 'Yes' so as to allow SSH access for the root user to server.


RELATED ARTICLE

/themes/custom/zyxpro_light/images/placeholder.png
close

on 04th April 2007 / by webmaster
Linux is the epitome of the FLOSS model. Technical Solution Linux installation Leave a reply Your email address will not be published. Required fields are marked * Dewey J. Corl (not verified) access_time 01 Dec 2020 - 04:57 Linux is not ready for the general public! (I am a Ubuntu user). For proof, 1. try to simply print labels on a Dymo label printer. It takes a LOT of work to get to the ease of label printing already available in Windows and Mac. 2. try syncing a modern Palm based PDA. Yes, jpilot and others will sync the main data, but pictures and midi files do not get transferred without a lot of extra setup. These are examples of applications that are not ready for the general public. Since an operating system only supports applications, Linux is not ready to be a common desktop for the general public. While we are waiting for the applications to catch up, keep up the good work!! Anoop John (not verified) access_time 01 Dec 2020 - 04:57 Dewey Yes you may be right. But these are not applications that a common man would use. A common man would use one of these applications - Internet browser, Chat Client, Email Client, Document Writer, Presentation Creator, Spreadsheet Editor, Movie Viewer, Music Player, CD/DVD Writer. Both examples you cited are more specific applications that only a small percentage of the whole population uses. It will take time before those hardware vendors identify the need from their perspective to address the Linux community. Krishnadas (not verified) access_time 01 Dec 2020 - 04:57 Dear Mr Anoop, Thank you very much for the free installation of LINUX done in my PC. I am getting immersed in the LINUX and seeing the versatility. To my surprise, I am able to read one of my old backup CD(wherein lot of my valuable file exist) done in DIRECT CD wizard (a custom cd writing software of Easy Cd creator in WIN98) which could not be read in XP. Installation of old version of easycd creator/direct cd program was not possible in XP. I thought that possible i lost all data. Very pleasant start! Srikanth N. S. (not verified) access_time 01 Dec 2020 - 04:57 Hi Anoop, My friend is thrilled with Ubuntu. One of his grouses with windows was that after OS installation, everything else is to be installed separately which is a real headache. WHereas if u install Linux, everything is installed as a package and he is thrilled to bits! Let linux installation spread in Trivandrum and your service in this direction is highly appreciated. Kepp up the good work Regards. PDA Freak (not verified) access_time 01 Dec 2020 - 04:57 Is it possible to install linux on a packardbell notebook ? Pagination Current page 1 Page 2 Next page Next › Last page Last » Add new comment
Leave a reply
Your email address will not be published. Required fields are marked *

Filtered HTML

  • Web page addresses and email addresses turn into links automatically.
  • Allowed HTML tags: <a href hreflang> <em> <strong> <cite> <blockquote cite> <code> <ul type> <ol start type='1 A I'> <li> <dl> <dt> <dd> <h2 id='jump-*'> <h3 id> <h4 id> <h5 id> <h6 id>
  • Lines and paragraphs break automatically.
The content of this field is kept private and will not be shown publicly.
CAPTCHA This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.