The /etc/ssh/sshd_config File






The SSH daemon's configuration file is /etc/ssh/sshd_config. By default SSH listens on all your NICs and uses TCP port 22. Take a look at a snippet from the configuration file:

     # The strategy used for options in the default sshd_config shipped with
     # OpenSSH is to specify options with their default value where
     # possible, but leave them commented. Uncommented options change a
     # default value.

     #Port 22
     #Protocol 2,1
     #ListenAddress 0.0.0.0
     #ListenAddress ::

SSH Versions 1 and 2

The original encryption scheme of SSH was adequate for its time but was eventually found to have a number of limitations. The answer to these was version 2. Always force your systems to operate exclusively with version 2 by setting the protocol statement in the /etc/ssh/sshd_config file to 2. Remember to restart SSH to make this take effect.

     #
     # File: /etc/ssh/sshd_config
     #

     Protocol 2

Change the TCP Port on Which SSH Listens

If you are afraid of people trying to hack in on a well-known TCP port, then you can move SSH from port 22 to a port that won't interfere with other applications on your system, such as port 435. This is a rudimentary precaution only, because good network scanning programs can detect SSH running on alternative ports.

What you need to do is:

1. Use the netstat command to make sure your system isn't listening on port 435, using grep to filter out everything that doesn't have the string "435":

     [[email protected] root]# netstat -an | grep 435
     [[email protected] root]#

2. No response allows us to proceed. Change the Port line in /etc/ssh/sshd_config to mention 435 and remove the # at the beginning of the line. If port 435 is being used, pick another port and try again:

     Port 435

3. Restart SSH:

     [[email protected] tmp]# service sshd restart

4. Check to ensure SSH is running on the new port:

     [[email protected] root]# netstat -an | grep 435
     tcp    0     0    192.168.1.100:435    0.0.0.0:*   LISTEN
     [[email protected] root]#
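
The check in steps 1 and 4 greps for the string "435", which also matches port 4350 or an address that happens to contain 435. The script below is an added example, not part of the original page: it does an exact-port check and reports the effective Port and Protocol values, treating commented options as defaults. It assumes Linux-style `netstat -an` output and whitespace-separated keyword/value lines; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original page). Assumes Linux-style `netstat -an`
# output and whitespace-separated "Keyword value" lines in sshd_config.

# effective_value FILE KEYWORD DEFAULT
# Print the first uncommented value of KEYWORD, or DEFAULT if it is only
# present as a comment (commented options mean "use the default").
effective_value() {
    awk -v key="$2" -v def="$3" '
        /^[ \t]*(#|$)/ { next }                      # comments, blank lines
        tolower($1) == tolower(key) { print $2; found = 1; exit }
        END { if (!found) print def }
    ' "$1"
}

# port_listening PORT   (reads `netstat -an` output on stdin)
# Succeeds only when a TCP socket in LISTEN state is bound to exactly PORT.
# A bare `grep 435` would also match port 4350 or an address containing 435.
port_listening() {
    awk -v p="$1" '
        $1 ~ /^tcp/ && $NF == "LISTEN" {
            n = split($4, part, ":")                 # port is the last field
            if (part[n] == p) hit = 1
        }
        END { exit !hit }
    '
}

# audit_sshd_config FILE
# Report the effective Port and Protocol; fail if version 1 is still allowed.
audit_sshd_config() {
    echo "Port:     $(effective_value "$1" Port 22)"
    proto=$(effective_value "$1" Protocol 2,1)
    echo "Protocol: $proto"
    case ",$proto," in
        *,1,*) echo "WARN: SSH version 1 is still accepted"; return 1 ;;
    esac
}

# Constructed sample input, for demonstration only.
sample=$(mktemp)
printf '#Port 22\n#Protocol 2,1\nProtocol 2\nPort 435\n' > "$sample"
audit_sshd_config "$sample" || true
rm -f "$sample"
```

On a live system, run `audit_sshd_config /etc/ssh/sshd_config` before restarting SSH and `netstat -an | port_listening 435` afterwards.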

Next, you'll discover how to actually log into systems using SSH.

