SSH
An important part of system administration is a secure connection to it. With SSH we can achieve this easily. At the same time, there is a lot more to this protocol and set of commands. In this section all articles and configuration are collected.
Audit SSH configurations: HashKnownHosts option
Information about the HashKnownHosts option in the SSH configuration file. Explains how to audit and tune this option to secure an Unix based system.
Change SSH server port number
Learn how to make changes to your SSH configuration to have it running on a different port. Change it from port 22 to something like 2222.
Configure a SSH welcome message or banner
Configure a welcome message or banner for users to see before or after logging in via SSH. Here are the instructions to change the relevant configuration files.
Distributing SSH keys: using ssh-copy-id, manually, or automated
Learn how to get your SSH keys easier to another system using different available methods such as manually or a tool like ssh-copy-id
Granting temporary access to your servers (using signed SSH keys)
SSH has the capabilities to give a colleague or vendor temporary access to your systems. Learn how to install and configure the related SSH settings.
OpenSSH security and hardening
The SSH configuration influences the security of your Linux system. This guide helps you to secure your OpenSSH server and client configuration.
Restrict SSH access to only allow rsync
Want to restrict SSH access to only allow rsync file synchronization? This article explains the steps and how to set it up.
SSH escape sequences
OpenSSH has escape sequences available to initiate special commands during an active SSH session. Learn about the available escape sequences with this overview.
Using Ed25519 for OpenSSH keys (instead of DSA/RSA/ECDSA)
Many years the default for SSH keys was DSA or RSA. There is a new kid on the block, with the fancy name Ed25519. Let's have a look at this new key type.
Using SSH keys instead of passwords
Linux systems are usually managed remotely with SSH, often still using passwords. Time to switch over to SSH keys and here is how to do that.
Frequently Asked Questions
How to see the SSH log?
To see the SSH log file, check if the /var/log/auth.log file is available to the system. If not, and systemd is used, use journalctl -u ssh.service.
How to test the sshd configuration for configuration errors?
To test the SSH daemon (sshd) for configuration errors, run sshd with the '-t' option.
How to add a SSH key to the SSH agent?
Use the ssh-add command and provide the relevant SSH key to add it to the SSH agent.
What is SSH agent forwarding?
The agent forwarding feature in SSH allows using your local SSH agent to be reached through an existing SSH connection. This way you don't have to store copies of your private keys on intermediate systems to use them for authentication.
How to start the SSH agent?
Run the eval command inside the shell together with the ssh-agent.
What is the purpose of the SSH agent?
The SSH agent is a helper utility to temporarily store private keys when using public key authentication. It acts as an authentication agent for clients such as the ssh command.
How to disable the usage of the SSH agent?
Define the SSH option IdentityAgentRun with the value 'none' when connecting to a system to disable the usage of the SSH agent.
How to disable the SSH check of host authenticity and the key fingerprint?
Define the StrictHostKeyChecking option and set it to 'no' when connecting.
How to terminate a SSH connection that does not respond to CTRL+C?
Press tilde (~) followed by a dot (.) to terminate a non-responsive SSH connection.
How to remove the passphrase from a SSH key?
Use the ssh-keygen command to update the passphrase of an existing SSH key.
How to see the available SSH keys in the OpenSSH authentication agent?
Use the ssh-add command to display any available keys that are known to the SSH agent.