Skip to content

Click on each book below to review & buy on Amazon.

As an Amazon Associate, I earn from qualifying purchases.

CompTIA Linux+ XK0-005 - 1.7 - Configure Common System Services: SSH

SSH (Secure Shell) is a widely used cryptographic network protocol that allows secure remote access and control of a system over an unsecured network. It provides a secure way to establish encrypted connections between a client and a server, ensuring the confidentiality and integrity of data transmitted over the network. This guide will walk you through the configuration of the SSH service on a Linux system.

Configuration File

The main configuration file for the SSH service is /etc/ssh/sshd_config. This file contains various settings that control the behavior of the SSH server.

Here are some important configuration settings:

  • Port: Specifies the port number on which the SSH server listens for incoming connections. The default port is 22, but you can change it to a different value for enhanced security.
  • PermitRootLogin: Controls whether root login is allowed via SSH. It can be set to yes, no, or prohibit-password depending on your security requirements.
  • PasswordAuthentication: Determines whether password-based authentication is allowed for SSH connections. It can be set to yes or no. Disabling password authentication and relying on key-based authentication is more secure.
  • PubkeyAuthentication: Specifies whether public key authentication is allowed. It should be set to yes to enable key-based authentication.
  • AllowUsers: Restricts SSH access to specific users. You can specify the usernames to be allowed separated by spaces.
  • DenyUsers: Blocks SSH access for specific users. You can specify the usernames to be denied SSH access.

Make sure to edit the /etc/ssh/sshd_config file with administrative privileges using a text editor such as nano or vi.

Service Management

To apply the changes made in the SSH configuration file, you need to restart the SSH service. On most Linux distributions, you can use the following commands to manage the SSH service:

  • To restart the SSH service:

    sudo service sshd restart

Example Scenario

Let's say you want to configure the SSH service to listen on a different port and disable password authentication. Here's how you can do it:

  1. Open the SSH configuration file with root privileges:

    sudo vi /etc/ssh/sshd_config

  2. Locate the line that specifies the port and change it to your desired port number. For example, to change the port to 2222:

    Port 2222

  3. Find the line that controls password authentication and set it to no to disable password-based login:

    PasswordAuthentication no

  4. Save the changes and exit the text editor.

  5. Restart the SSH service for the changes to take effect:

    sudo service sshd restart

After completing these steps, the SSH service will be configured to listen on port 2222 instead of the default port 22, and password authentication will be disabled.

Conclusion

Configuring the SSH service is an essential part of securing remote access to a Linux system. By modifying the SSH configuration file, you can control various aspects of the service, such as the port number, authentication methods, and access restrictions. Understanding these configuration options allows you to tailor the SSH service to meet your security requirements and protect your system from unauthorized access.

Support DTV Linux

Click on each book below to review & buy on Amazon. As an Amazon Associate, I earn from qualifying purchases.

NordVPN ®: Elevate your online privacy and security. Grab our Special Offer to safeguard your data on public Wi-Fi and secure your devices. I may earn a commission on purchases made through this link.