Home    Scripts    Utilities     Softwares     Awards     Contact Me
Linux
Command Summary
File Permisions
Users/Groups
Partitions/FileSystems
SSH
IPTables
Apache
MD5 Checksum
MySQL
Bind
DjbDNS
CronD
Qmail
Vpopmail
Courier-IMAP
SpamAssassin
ClamAV
CVS
OpenVPN
PLESK
Setting up USB Wireless Modem HUAWEI ETS2551
RootKits
SHV4
T0rnKit
Flea
F**Kit
Networking
RedHat
Mandrake
Debian
Fedora
SlackWare
Gentoo
SUSE
Centos
FreeBSD
Encodings
Base64
QuotedPrintable
UU
URL
Encryption
RSA
BlowFish
DES
Tripple DES
2 Key Triple DES
SSL
Certificate Parser
CSR Parser
   OpenSSH   Difference in SSH and SSH2   Using KEY Authentication

OpenSSH

Simple connection with SSH server

Example: ssh username@domainname.com

Connecting at a specific port

Example: ssh -p port username@domainname.com

Port mapping/Tunneling with SSH

Example: ssh username@domainname.com -L 125:someserver.com:25
Description: This will map the local port 125 with someserver.com's port 25. So if you will specify localhost:125 as your smtp server in your email client then you will actually using someserver.com's mail server.
Example: ssh username@192.168.1.77 -L 1110:xx.xx.xx.xx:110 -L 125:xx.xx.xx.xx:25
Description: Multiple port mappings

Secure FTP

First do a port map with ssh
ssh user@servername.com -L 21:servername.com:21
Now use localhost as hostname in your ftp client software.

Uploading with ssh and rsync

Example: rsync -v --rsh="ssh -l username" /path/to/local/file username@servername.com:/some/folder
Description: It will upload "file" in "folder"

Uploading with ssh

Example: tar cf - /some/local/folder | ssh username@192.168.1.26 '(cd public_html;tar xvpf -)'
Description: Trust me! It wil upload "folder" in to p"public_html" of server

Downloading with ssh

Example: ssh username@192.168.1.26 'tar cf - /path/to/file' | tar xvpf -
Description: Yes it will download "file" from server

Private/Public key authentication

On client server run this command.: ssh-keygen -t rsa
Press enter on all options.

This will put your publick key in ~/.ssh/id_rsa.pub

Copy your public key from ~/.ssh/id_rsa.pub and put it on the server in ~/.ssh/authorized_keys

Description: This will let you login to ssh server without providing password each time.

Uploading with scp

Example: scp filename.tar.gz username@192.12.5.6:/some/path
Description: If you have public/private key authentication setup then it will not prompt for a password.

Downloading with scp

Example: scp username@192.12.5.6:/some/path filename.tar.gz
Description: If you have public/private key authentication setup then it will not prompt for a password.

Securing SSH

Change the SSHD port

Open the file /etc/ssh/sshd_config
Uncomment the line "#Port 22" and change the port number.
Save the file and restart sshd.
Now SSHD will run on the port you specified, And you will have to connect with "ssh -p port" from client side


Disallow the root user login

Open the file /etc/ssh/sshd_config
Uncomment the line "#PermitRootLogin yes" and change it to "PermitRootLogin no"
Save the file and Restart sshd.
Now you can not login as root, You will have to login with a non root user and then youc an do "su" to switch to root user


Hiding SSH Version String

This is not recommended, As some applications may need the ssh version string. But if you need to run ssh on the default port and also need to make your server secure as per the standards of verisign then you will have to do a custom compile, And before compiling ssh, edit the file version.h and change the version string in it.

SourceForge.net Logo









All trade marks are property of respective owners
All rights reserved 2003-2007, Openpages.info, Multan, Pakistan
          Contact Me