Debian, Home Server, Linux, Tech

Using SSH

What is SSH?
SSH stands for Secure Shell. it is a cryptographic network protocol that provides secure remote access and control over a network.

Installing SSH:
sudo apt install openssh-server

Activate the SSH-server:
sudo systemctl start ssh

Auto-start SSH-server on restart:
sudo systemctl enable ssh

Verify if SSH is running and will start automatically:
sudo systemctl status ssh

In the screenshot above, we see SSH will auto-start on boot (enabled) and it is currently running (active(running)).

Activating firewall rules (for default port (22)):
sudo ufw allow ssh

Restricting root access:
Edit the SSH config file
sudo nano /etc/ssh/sshd_config
Look for PermitRootLogin add a # before this line and save the file.
Now the root user is not able to log on using SSH.

Changing SSH default port:
sudo nano /etc/ssh/sshd_config
Look for a line that starts with port, usually the line starts with a #, remove it and change 22 to the desired port (in this case 2000).

Once done, save the file.

Allow the new incoming port in your firewall:
sudo ufw allow 2000
Restart ssh
sudo systemctl restart ssh

Adding a banner:
If you enable a banner, you will be welcomed with it when logging on with SSH.
To configure a banner for SSH, go to de sshd_config
sudo nano /etc/ssh/sshd_config

Look for Banner and add the path where you will store your banner file.

The banner-file:

Restart SSH
sudo systemctl restart ssh
Exit your currect session:
Reconnect again.
The banner will look like this:

Connecting to a SSH-server (Linux to Linux):
ssh [email protected]
type yes when asked to continue connecting.

Connecting to a SSH-server (Windows to Linux):
Download Putty

In the Host Name (or IP address)-field enter the hostname or IP-address.
In the Port-field, enter the port number. Default port for SSH is 22, if you changed it, change it here.
Click Open.

Tagged , , , , ,

Leave a Reply

Your email address will not be published. Required fields are marked *