Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Save to My Library
Look up keyword
Like this
3Activity
0 of .
Results for:
No results containing your search query
P. 1
Open Ssh {Configuring Secure Shell}

Open Ssh {Configuring Secure Shell}

Ratings: (0)|Views: 76 |Likes:
Published by api-3736383

More info:

Published by: api-3736383 on Oct 15, 2008
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as DOC, PDF, TXT or read online from Scribd
See more
See less

03/18/2014

pdf

text

original

Red Hat Enterprise Linux 4: System Administration Guide
Prev
Next
Chapter 13. OpenSSH

OpenSSH is a free, open source implementation of the SSH (SecureSHell)
protocols. It replacestelnet,ft p,rl o g i n,rsh, andrcp with secure,
encrypted network connectivity tools. OpenSSH supports versions 1.3, 1.5,
and 2 of the SSH protocol. Since OpenSSH version 2.9, the default protocol
is version 2, which uses RSA keys as the default.

13.1. Why Use OpenSSH?

If you use OpenSSH tools, you are enhancing the security of your
machine. All communications using OpenSSH tools, including
passwords, are encrypted.Te l net andft p use plain text passwords
and send all information unencrypted. The information can be
intercepted, the passwords can be retrieved, and your system could
be compromised by an unauthorized person logging in to your system
using one of the intercepted passwords. The OpenSSH set of utilities
should be used whenever possible to avoid these security problems.

Another reason to use OpenSSH is that it automatically forwards the
DISPLAY variable to the client machine. In other words, if you are

running the X Window System on your local machine, and you log in
to a remote machine using thessh command, when you run a
program on the remote machine that requires X, it will be displayed on
your local machine. This feature is convenient if you prefer graphical
system administration tools but do not always have physical access to
your server.

Prev
Home
Next
Additional Resources
Up
Configuring an
OpenSSH Server
Red Hat Enterprise Linux 4: System
Administration Guide
Prev
Chapter 13. OpenSSH
Next
13.2. Configuring an OpenSSH Server

To run an OpenSSH server, you must first make sure that you have the
proper RPM packages installed. Theopenssh-server package is required
and depends on theopenssh package.

The OpenSSH daemon uses the configuration file/etc/ssh/sshd_config. The default configuration file should be sufficient for most purposes. If you want to configure the daemon in ways not provided by the default

sshd_config, read thesshd man page for a list of the keywords that can be
defined in the configuration file.
To start the OpenSSH service, use the command /sbin/service sshd
start. To stop the OpenSSH server, use the command/sbin/ser vice
sshd stop. If you want the daemon to start automatically at boot time, refer
to Chapter 12 Controlling Access to Services for information on how to
manage services.

If you reinstall, the reinstalled system creates a new set of identification
keys. Any clients who had connected to the system with any of the
OpenSSH tools before the reinstall will see the following message:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@
WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!
@

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-
middle attack)!
It is also possible that the RSA host key has just been
changed.

If you want to keep the host keys generated for the system, backup the
/etc/ssh/ssh_host*key* files and restore them after the reinstall. This
process retains the system's identity, and when clients try to connect to the
system after the reinstall, they will not receive the warning message.
Prev
Home
Next
OpenSSH
Up
Configuring an
OpenSSH Client
Red Hat Enterprise Linux 4: System
Administration Guide
Prev
Chapter 13. OpenSSH
Next
13.3. Configuring an OpenSSH Client
To connect to an OpenSSH server from a client machine, you must have
theopenssh-clients andopenssh packages installed on the client machine.
13.3.1. Using thessh Command

Thessh command is a secure replacement for therl o g i n,rs h, andte l net commands. It allows you to log in to a remote machine as well as execute commands on a remote machine.

Logging in to a remote machine withssh is similar to usingte l net. To log in
to a remote machine named penguin.example.net, type the following
command at a shell prompt:

ssh penguin.example.net
The first time youssh to a remote machine, you will see a message similar
to the following:

The authenticity of host 'penguin.example.net' can't be
established.
DSA key fingerprint is
94:68:3a:3a:bc:f3:9a:9b:01:5d:b3:07:38:e2:11:0c.
Are you sure you want to continue connecting (yes/no)?

Activity (3)

You've already reviewed this. Edit your review.
1 hundred reads
Nagsa liked this
userraj liked this

You're Reading a Free Preview

Download
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->