how to increase ssh time (putty)
create config file under .ssh
[root@localhost ~]# vim .ssh/config
add below entry under config file
Host *
ServerAliveInterval 60
wq!
reload or restart sshd service
[root@Localhost
Desktop]# rpm -qa | grep ssh - package check not found
[root@Localhost
Desktop]# yum install *ssh* or yum install openssh*
[root@Localhost
Desktop]# rpm -qa | grep ssh - package check after installation
libssh2-docs-1.4.2-1.el6_6.1.x86_64
trilead-ssh2-213-6.2.el6.noarch
libssh2-devel-1.4.2-1.el6_6.1.x86_64
openssh-askpass-5.3p1-112.el6_7.x86_64
pam_ssh_agent_auth-0.9.3-112.el6_7.x86_64
openssh-5.3p1-112.el6_7.x86_64
openssh-clients-5.3p1-112.el6_7.x86_64
ksshaskpass-0.5.1-4.1.el6.x86_64
openssh-ldap-5.3p1-112.el6_7.x86_64
openssh-server-5.3p1-112.el6_7.x86_64
trilead-ssh2-javadoc-213-6.2.el6.noarch
libssh2-1.4.2-1.el6_6.1.x86_64
---------------------------------------------------------------------------------------------------------------------
[root@Localhost
Desktop]# /etc/init.d/sshd restart ---------start or restart ssh server
Stopping
sshd:
[ OK ]
Starting
sshd:
[ OK ]
---------------------------------------------------------------------------------------------------------------------
[root@Localhost
Desktop]# telnet 127.0.0.1 22 ----check port status
[root@Localhost
Desktop]# nc localhost 22
[root@Localhost
Desktop]# netstat -tulnp | grep -i 22
tcp 0
0 0.0.0.0:22
0.0.0.0:* LISTEN 10291/sshd
tcp 0
0 :::22
:::* LISTEN 10291/sshd
---------------------------------------------------------------------------------------------------------------------
[root@Localhost
Desktop]# /etc/init.d/sshd status ----- check SSH status
openssh-daemon
(pid 10291) is running...
---------------------------------------------------------------------------------------------------------------------
[root@Localhost
Desktop]# ps -ef | grep -i sshd ----- check server & port
root 10291
1 0 07:11 ? 00:00:00 /usr/sbin/sshd
root 10332
7657 0 07:19 pts/0 00:00:00 grep -i sshd
---------------------------------------------------------------------------------------------------------------------
[root@Localhost
Desktop]# vi /etc/sshd/ --root path of SSH
---------------------------------------------------------------------------------------------------------------------
[root@Localhost
~]# vim /etc/ssh/sshd_config --------------SSH configuration fil e
#Port
22 -----------------------port settings, we can manage
#
Authentication:
PermitRootLogin
no -----------uncomment and type no for
disable ssh root login
---------------------------------------------------------------------------------------------------------------------
[root@Localhost
~]# /etc/init.d/sshd reload ----
reload service
Reloading
sshd:
[ OK ]
---------------------------------------------------------------------------------------------------------------------
SERVER
|
CLIENT
|
|
rpm –qa | grep –i ssh
|
no need to installed ssh service
|
|
yum install *ssh*
|
ssh – client / command / utitlity
|
|
Ssh-*
---not work
|
( usr/bin/ssh ) – just a command
|
|
used *ssh* - package name is – openssh
|
ssh 192.168.1.14 – (server ip )
|
|
Yum install openssh*
|
If stop sshd service but ssh cmd is working
|
|
/etc/init.d/sshd used tab tab restart
|
Port - 22
|
|
/etc/init.d/sshd restart
|
When used for connect server to used
random port
|
|
ssh port - 22
|
||
telnet localhost 22
|
ssh < server ip >
|
|
nc localhost 22
|
ssh 192.168.1.14
|
|
netstat – tulnp | grep –i 22
|
its refers /etc.service file for port to connect server side
|
|
/etc/init.d/sshd status
|
||
ps –ef | grep –i sshd – check server &
port
|
1 ) # ssh champu@192.168.1.14
we can login through user also
2 ) #ssh 192.168.1.14 –l champu
|
|
Always disable root login for ssh
|
||
OS Harening
-- 1 step
|
||
vi /etc/sshd/ --root path
|
Copy files on server
|
|
vi /etc/sshd/sshd_config –configuration file of
sshd
PermitRootLogin no – uncommnet (# ) &
type no for disable root login
|
scp /mnt/* champu@192.168.1.14:/opt/
|
|
rsync /mnt/* champu@192.168.1.14:/opt/
|
||
/etc/init.d/sshd
reload - reload service
|
||
we
can change sshd port
example
: 22
change
poer : 222
|
After change port – access ssh
|
|
ssh 192.168.1.14 –p 222
|
||
Change in /etc/service file
|
||
1) – client request to server
2) server send public key --- public key travel on network
3) client send public key --- public key travel on network
4) Server send privet key ( give access to
client )
|
1 - MD5
2 - SNA
3 - RSA -- Rivert Shamim Adelmen -- name of persons
4 - DSA
Ssh
generate two keys on server
1)
--- public key
2)
--- private key
SSH
used RSA encryption ----- Rivert Shamim
Adelmen
SERVER
|
CLIENT
|
|
#cd /etc/ssh
|
Public key store in below path
|
|
#ls
|
/root/.ssh/know_hosts – public key
|
|
Public_key and private_key
|
/champu/.ssh/know_hosts – public key
|
No comments:
Post a Comment