Slides on how to configure and secure SSH - Part of RHCSA (RH124) syllabus
Added: Oct 10, 2024
Configure and secure SSH
Shell
●Command-line interface to interact with the OS
●Default shell in RHEL is Bash (Bourne Again SHell)
●Other types of shells are sh, zsh, ksh, csh
Secure SHell (SSH)
●Major protocol to access remote servers.
●Sends the information in encrypted form.
●Uses port 22 by default
●sshd is the service daemon
●OpenSSH is its software implementation
●Key Features:
○Secure remote access
○Authentication: passwords and public-key cryptography
○Configurable
Install the openssh-server
●Command: yum install openssh-server
Start and enable the sshd service
●Command: systemctl start sshd && systemctl enable sshd
Create a user
●Command: useradd <username>
Set a password for the user
●Command: passwd <username>
Edit the 'sshd_config' file to add custom configurations to secure SSH server
●Command: vi <path-to-sshd-config>
Note: Find the line 'PasswordAuthentication no' and change it to
'PasswordAuthentication yes' and then save the file.
Make changes to the ‘sshd’ Red Hat configuration file.
●Command: vi <path-to-sshd-redhat-config>
Note: Find the line 'ChallengeResponseAuthentication no', change it to
'ChallengeResponseAuthentication yes' and save the file.
Restart the 'sshd' service to apply the changes made to the config files.
●Command: systemctl restart sshd
Connect to the machine using the 'ssh' command in a new terminal.
●Command: ssh <username>@<ip-address>
Switch back to the terminal and configure the SSH server to make it more secure.
●Command: cp <path-to-sshd-config> <path-to-sshd-config-backup>
Note: Keep a backup of the original 'sshd_config' file before making any
changes.
Edit the 'sshd_config' file to add custom configurations to secure SSH server
by adding these lines.
●Command: vi <path-to-sshd-config>
Note: Restart the ‘sshd’ service to apply the changes.
Log in again with the same username and wait for some time to see the logs and
debug messages
●Command: ssh -vvv <username>@<ip-address>
Disable root login and empty passwords, and limit users to student, in the
‘sshd_config’ file
●Command: PermitRootLogin no
PermitEmptyPasswords no
AllowUsers <new-user>
Note: Restart the ‘sshd’ service to apply the changes.
Try to log in with the old credentials again; the login is refused because only
<new-user> is allowed
●Command: ssh <username>@<ip-address>
Create the <new-user> account that will have access, then log in with it
●Command: useradd <new-user> && passwd <new-user>
Change the port number in the ‘sshd_config’ file and restart the sshd service
●Command: Port <port-number>
On ‘ssh’ terminal perform login on the newly created port
●Command: ssh -p <port-number> <username>@<ip-address>
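Added example, not from the original slides: sshd keeps the first value it reads for each keyword, so a hardening line placed below an earlier duplicate is silently ignored. The script checks a config file for the PermitRootLogin, PermitEmptyPasswords and AllowUsers settings shown above under that rule; the function names and the sample file are constructed for illustration, and Include files and Match blocks are not evaluated.

```bash
#!/usr/bin/env bash
# Added example (not from the slides): check an sshd_config-style file for the
# hardening directives shown above. sshd keeps the FIRST value it reads for a
# keyword, so a hardened line placed after an earlier duplicate has no effect.

# effective_value FILE KEYWORD: print the first global value of KEYWORD.
# Simplifications: no Include expansion; parsing stops at the first Match block.
effective_value() {
    awk -v key="$2" '
        NF == 0 || $1 ~ /^#/ { next }            # skip blank lines and comments
        tolower($1) == "match" { exit }          # Match blocks are conditional overrides
        tolower($1) == tolower(key) {            # keywords are case-insensitive
            $1 = ""; sub(/^[ \t]+/, ""); print; exit
        }' "$1"
}

# audit_sshd_config FILE: print one line per finding; exit status = number of findings.
audit_sshd_config() {
    local file=$1 findings=0 v
    v=$(effective_value "$file" PermitRootLogin)
    if [ "$v" != "no" ]; then
        echo "PermitRootLogin: effective value '${v:-unset}', expected 'no'"
        findings=$((findings + 1))
    fi
    v=$(effective_value "$file" PermitEmptyPasswords)
    if [ -n "$v" ] && [ "$v" != "no" ]; then     # unset is fine: the default is "no"
        echo "PermitEmptyPasswords: effective value '$v', expected 'no'"
        findings=$((findings + 1))
    fi
    v=$(effective_value "$file" AllowUsers)
    if [ -z "$v" ]; then
        echo "AllowUsers: not set, logins are not limited to named users"
        findings=$((findings + 1))
    fi
    return "$findings"
}

# Constructed sample: the hardened PermitRootLogin line comes too late to count.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sshd_config fragment
permitrootlogin yes
PermitEmptyPasswords no
PermitRootLogin no
AllowUsers student
EOF
audit_sshd_config "$sample" || echo "findings: $?"
rm -f "$sample"
```

On a live host, `sshd -t` checks the configuration for errors before a restart, and `sshd -T` prints the effective configuration, including any Include files.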