SSH Server

SSH (Secure Shell):
SSH is a protocol suite of network connectivity tools used to encrypt connections across the Internet. SSH encrypts all traffic, including logins and passwords, which effectively eliminates network sniffing, connection hijacking, and other network-level attacks. In a regular telnet session the password is transmitted across the Internet unencrypted.

To check whether the openssh packages are installed:

[root@xnetbd xinetd.d]# rpm -qa | grep openssh
openssh-clients-4.3p2-36.el5
openssh-4.3p2-36.el5
openssh-server-4.3p2-36.el5
openssh-askpass-4.3p2-36.el5

To install openssh using yum:

[root@xnetbd xinetd.d]# yum install openssh

Server configuration file: /etc/ssh/sshd_config

[root@xnetbd xinetd.d]# vim /etc/ssh/sshd_config
PermitRootLogin no
Here we deny the root user. This removes root, a login name known to exist on all Linux systems, as a direct SSH login.
[root@xnetbd xinetd.d]# /etc/init.d/sshd restart
Stopping sshd:                                             [  OK  ]
Starting sshd:                                               [  OK  ]

Now for testing purpose we try to login to our server:

login as: root
Access denied
root@192.168.50.30's password:
Access denied

SSH listens on port 22 by default; we can change this port for security purposes:

[root@xnetbd ~]# netstat -l

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State
tcp        0      0 localhost:2208              *:*                         LISTEN
tcp        0      0 *:npmp-local                *:*                         LISTEN
tcp        0      0 *:sunrpc                    *:*                         LISTEN
tcp        0      0 *:ftp                       *:*                         LISTEN
tcp        0      0 *:telnet                    *:*                         LISTEN
tcp        0      0 localhost:ipp               *:*                         LISTEN
tcp        0      0 localhost:smtp              *:*                         LISTEN
tcp        0      0 localhost:2207              *:*                         LISTEN
tcp        0      0 *:ssh                       *:*                         LISTEN
tcp        0      0 ::1:ipp                     *:*                         LISTEN
udp        0      0 *:52789                     *:*
udp        0      0 *:tunnel                    *:*
udp        0      0 *:nqs                       *:*
udp        0      0 *:mdns                      *:*
udp        0      0 *:sunrpc                    *:*
udp        0      0 *:ipp                       *:*
udp        0      0 *:56658                     *:*
udp        0      0 *:mdns                      *:*
Active UNIX domain sockets (only servers)
Proto RefCnt Flags           Type            State            I-Node Path
unix  2      [ ACC ]     STREAM     LISTENING     7295   @/tmp/fam-root-
unix  2      [ ACC ]     STREAM     LISTENING     5276   @/var/run/hald/dbus-pKI3nDZaOM
unix  2      [ ACC ]     STREAM     LISTENING     6920   /tmp/.font-unix/fs7100
unix  2      [ ACC ]     STREAM     LISTENING     5277   @/var/run/hald/dbus-yGdpSUaYEf
unix  2      [ ACC ]     STREAM     LISTENING     4545   /var/run/audispd_events
unix  2      [ ACC ]     STREAM     LISTENING     4993   /var/run/dbus/system_bus_socket
unix  2      [ ACC ]     STREAM     LISTENING     5091   /var/run/sdp
unix  2      [ ACC ]     STREAM     LISTENING     5197   /var/run/pcscd.comm
unix  2      [ ACC ]     STREAM     LISTENING     5232   /var/run/acpid.socket
unix  2      [ ACC ]     STREAM     LISTENING     6825   /dev/gpmctl
unix  2      [ ACC ]     STREAM     LISTENING     6363   /var/run/cups/cups.sock
unix  2      [ ACC ]     STREAM     LISTENING     7068   /var/run/avahi-daemon/socket

[root@xnetbd ~]# netstat -an | grep :22
tcp        0      0 127.0.0.1:2208              0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.1:2207              0.0.0.0:*                   LISTEN
tcp        0      0 ::ffff:192.168.50.30:22     ::ffff:192.168.50.22:1080   ESTABLISHED

[root@xnetbd ~]# netstat -tan | grep :22
tcp        0      0 127.0.0.1:2208              0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.1:2207              0.0.0.0:*                   LISTEN
tcp        0     52 ::ffff:192.168.50.30:22     ::ffff:192.168.50.22:1080   ESTABLISHED
[root@xnetbd ~]# netstat -tulan | grep :22
tcp        0      0 127.0.0.1:2208              0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.1:2207              0.0.0.0:*                   LISTEN
tcp        0     52 ::ffff:192.168.50.30:22     ::ffff:192.168.50.22:1080   ESTABLISHED

Here we searched for the SSH port and found that port 22 is in use for TCP.

Now we replace port 22 with port 888 for the SSH server:

[root@xnetbd ~]# netstat -an | grep :888
[root@xnetbd ~]# vim /etc/ssh/sshd_config
Port 888
[root@xnetbd ~]# /etc/init.d/sshd restart
Stopping sshd:                                             [FAILED]
Starting sshd:                                                [  OK  ]
[root@xnetbd ~]# ssh -p 888 saiful@192.168.50.30
login as: saiful
Access denied
saiful@192.168.50.30's password:
Last login: Wed Nov  2 02:45:34 2011 from 192.168.50.22

Configure SSH to allow or deny specific users:

[root@xnetbd ~]# vim /etc/ssh/sshd_config
AllowUsers saiful rony
AllowGroups group1 group2

Here, by default, all other users and groups are denied. To deny specific users or groups instead, specify DenyUsers user_name or DenyGroups group_name.

[root@xnetbd ~]# /etc/init.d/sshd restart

login as: saiful
Access denied
saiful@192.168.50.30's password:
Last login: Wed Nov  2 02:45:34 2011 from 192.168.50.22

login as: rony
Access denied
rony@192.168.50.30's password:
[rony@xnetbd ~]$

login as: rajan
Access denied
rajan@192.168.50.30's password:
Access denied

login as:probal
Access denied
rajan@192.168.50.30's password:
Access denied

Here, when we log in as saiful or rony the server allows the login, but we are unable to log in as any other user.
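The settings changed in the two procedures above (Port, PermitRootLogin, AllowUsers/AllowGroups) can be checked from a script rather than by reading the file by hand. The following is an added shell example, not part of the original tutorial. It assumes sshd_config syntax and that, as sshd does for most keywords, the first occurrence of a keyword in the global section (before any Match line) is the effective one; the sample config and netstat lines are constructed, and the function names sshd_get, port_listening and audit_sshd are my own.

```shell
#!/bin/sh
# Added example, not from the original tutorial: audit the sshd_config
# directives changed in the walkthrough and check that a candidate port is
# free, using constructed sample files so it runs offline.
# Assumption: like sshd itself (for most keywords), the first occurrence of a
# keyword in the global section wins; anything after a Match line is ignored.

TMP=${TMPDIR:-/tmp}
SAMPLE_CFG=$TMP/sshd_config.sample.$$
SAMPLE_NETSTAT=$TMP/netstat.sample.$$
trap 'rm -f "$SAMPLE_CFG" "$SAMPLE_NETSTAT"' EXIT

# Constructed sample config mirroring the edits made above, plus a duplicate
# PermitRootLogin and a Match block to show which value is the effective one.
cat > "$SAMPLE_CFG" <<'EOF'
#Port 22
Port 888
Protocol 2
#PermitRootLogin yes
PermitRootLogin no
PermitRootLogin yes
AllowUsers saiful rony
AllowGroups group1 group2
Match User backup
    PermitRootLogin yes
EOF

# Constructed "netstat -tan" lines: port 22 is still listening, 888 is free.
cat > "$SAMPLE_NETSTAT" <<'EOF'
tcp        0      0 127.0.0.1:2208              0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN
tcp        0     52 ::ffff:192.168.50.30:22     ::ffff:192.168.50.22:1080   ESTABLISHED
EOF

# sshd_get FILE KEYWORD: print the effective value of KEYWORD (empty if unset).
sshd_get() {
    awk -v key="$2" '
        tolower($1) == "match" { exit }            # global section ends here
        /^[ \t]*#/ || NF == 0 { next }             # comments and blank lines
        tolower($1) == tolower(key) {
            $1 = ""; sub(/^[ \t]+/, ""); print; exit
        }' "$1"
}

# port_listening NETSTAT_FILE PORT: succeed if any socket LISTENs on PORT.
port_listening() {
    awk -v port="$2" '
        $NF == "LISTEN" && $4 ~ (":" port "$") { found = 1 }
        END { exit !found }' "$1"
}

# audit_sshd FILE: report the hardening points of the walkthrough.
# Returns 0 when root login is off and logins are restricted, 1 otherwise.
audit_sshd() {
    rc=0
    root=$(sshd_get "$1" PermitRootLogin)
    if [ "$root" = "no" ]; then
        echo "ok:   PermitRootLogin no"
    else
        echo "FAIL: PermitRootLogin is '${root:-unset}' (OpenSSH 4.3 defaults to yes)"
        rc=1
    fi
    port=$(sshd_get "$1" Port)
    echo "info: sshd port is ${port:-22 (default)}"
    allow_users=$(sshd_get "$1" AllowUsers)
    allow_groups=$(sshd_get "$1" AllowGroups)
    if [ -z "$allow_users$allow_groups" ]; then
        echo "FAIL: no AllowUsers/AllowGroups restriction"
        rc=1
    else
        echo "ok:   logins limited to users [$allow_users] groups [$allow_groups]"
    fi
    return $rc
}

audit_sshd "$SAMPLE_CFG"
if port_listening "$SAMPLE_NETSTAT" 888; then
    echo "port 888 is already in use; choose another before editing Port"
else
    echo "port 888 is free"
fi
```

To audit a real host, call audit_sshd /etc/ssh/sshd_config and feed port_listening the output of netstat -tan. Two caveats the walkthrough does not spell out: sshd evaluates DenyUsers, AllowUsers, DenyGroups and AllowGroups in that order, so a user denied by name stays denied even when a group that contains him is allowed; and before restarting sshd on a new port, keep the current session open, open the port in iptables and, where SELinux is enforcing and semanage is available, label it with semanage port -a -t ssh_port_t -p tcp 888, otherwise the restart can lock you out. Moving the port mainly reduces automated scanning noise in the logs; it is not a substitute for PermitRootLogin no and the AllowUsers restriction.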

If we want to log in as root, we first log in with an allowed user and then switch to the root user:

login as: saiful
Access denied
saiful@192.168.50.30's password:
Last login: Wed Nov  2 02:50:24 2011 from 192.168.50.22
[saiful@xnetbd ~]$ su - root
Password:
[root@xnetbd ~]#