ssh

[root@server-rhel6 ~]# rpm -q openssh-server
openssh-server-5.3p1-112.el6_7.x86_64

[root@server-rhel6 ~]# yum install openssh-server
Loaded plugins: product-id, refresh-packagekit, security, subscription-manager
Setting up Install Process
Package openssh-server-5.3p1-112.el6_7.x86_64 already installed and latest version
Nothing to do

[root@server-rhel6 ~]# useradd hulk
[root@server-rhel6 ~]# passwd hulk
Changing password for user hulk.
New password:
BAD PASSWORD: it is too short
BAD PASSWORD: is too simple
Retype new password:
passwd: all authentication tokens updated successfully.

[root@server-rhel6 ~]# service sshd start
[root@server-rhel6 ~]# service sshd status
openssh-daemon (pid  2713) is running…

[root@server-rhel6 ~]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:0C:29:B5:97:4A
inet addr:172.16.28.150  Bcast:172.16.28.255  Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:feb5:974a/64 Scope:Link
UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
RX packets:32665 errors:0 dropped:0 overruns:0 frame:0
TX packets:14389 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:47081444 (44.9 MiB)  TX bytes:1078129 (1.0 MiB)

lo        Link encap:Local Loopback
inet addr:127.0.0.1  Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING  MTU:65536  Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

[root@server-rhel6 ~]# iptables -I INPUT -p tcp –dport 22 -j ACCEPT
[root@server-rhel6 ~]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[  OK  ]
[root@server-rhel6 ~]# service iptables reload
iptables: Trying to reload firewall rules:                 [  OK  ]
[root@server-rhel6 ~]# iptables -L | grep ssh
ACCEPT     tcp  —  anywhere             anywhere            state NEW tcp dpt:ssh

———————————————————————————————–
[root@rhel6-client1 ~]# ssh 172.16.28.150
The authenticity of host ‘172.16.28.150 (172.16.28.150)’ can’t be established.
RSA key fingerprint is ef:4a:f0:0f:72:b9:0e:99:b2:d2:17:5a:3c:c4:5f:6f.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘172.16.28.150’ (RSA) to the list of known hosts.
root@172.16.28.150’s password:

By default ssh command will enable root session. If you want to login from normal user then specify his name with -l options. or username@ipaddress.

[root@rhel6-client1 ~]# ssh 172.16.28.150 -l hulk
hulk@172.16.28.150’s password:
[root@rhel6-client1 ~]# ssh hulk@172.16.28.150
hulk@172.16.28.150’s password:
[hulk@server-rhel6 ~]$

—————————————————————————————————–

How to make user from denying through ssh

[root@server-rhel6 ~]# vim /etc/ssh/sshd_config
DenyUsers hulk

[root@server-rhel6 ~]# service sshd restart
Stopping sshd:                                             [  OK  ]
Starting sshd:                                             [  OK  ]

[root@rhel6-client1 ~]# ssh hulk@172.16.28.150
hulk@172.16.28.150’s password:
Permission denied, please try again.
hulk@172.16.28.150’s password:

[root@server-rhel6 ~]# cat /etc/ssh/sshd_config | grep PermitRootLogin
PermitRootLogin no
# the setting of “PermitRootLogin without-password”.

[root@rhel6-client1 ~]# ssh root@172.16.28.150
root@172.16.28.150’s password:
Permission denied, please try again.
root@172.16.28.150’s password:

Advertisements
Posted in: ssh

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s