LinuxCert Guru, profile picture
Uploaded byLinuxCert Guru
68 views

Configure and Secure SSH - RHCSA (RH124).pdf

Slides on how to configure and secure SSH - Part of RHCSA (RH124) syllabus

Technology
Related topics:
Red Hat Technologies
Download to read offline
Configure and secure SSH
Shell ● Command-line interface to interact with OS ● Default shell in RHEL is Bash(Bourne again shell) ● Other types of shells are sh, zsh, ksh, csh
Secure SHell(SSH) ● Major protocol to access remote servers. ● Sends the information in encrypted form. ● Works on port #22 ● sshd is the service daemon ● Open-ssh is its software implementation ● Key Features: ○ Secure remote access ○ Authentication: (passwords & public key cryptography) ○ Configurable
Install the openssh-server ● Command: yum install openssh-server Start and enable the ssh ● Command: systemctl start ssh && sudo systemctl enable ssh
Create a user ● Command: useradd <username> Set a password for the user ● Command: passwd <username>
Edit the 'sshd_config' file to add custom configurations to secure SSH server ● Command: vi <path-to-sshd-config> Note: Find the line 'PasswordAuthentication no' and change it to 'PasswordAuthentication yes' and then save the file.
Make changes to the ‘sshd’ redhat configuration file. ● Command: vi <path-to-sshd-redhat-config> Note: Find the line 'ChallengeResponseAuthentication no' to 'ChallengeResponseAuthentication yes' and save the file.
Restart the 'sshd' service to apply the changes made to the config files. ● Command: systemctl restart sshd Connect to the machine using the 'ssh' command in new terminal. ● Command: ssh <username>@<ip-address>
Switch back to terminal and configure the SSH server to make it more secure. ● Command: cp <path-to-sshd-config> <path-to-sshd-config-backup> Note: Keep a backup of the original 'sshd_config' file before making any changes.
Edit the 'sshd_config' file to add custom configurations to secure SSH server by adding these lines. ● Command: vi <path-to-sshd-config> Note: Restart the ‘sshd’ service to apply the changes.
Re-login with same username and wait for sometime to notice the logs and debug messages ● Command: ssh-vvv <username>@<ip-address>
Disable root login and empty passwords and limit users to student in ‘sshd_config’ file ● Command: PermitRootLogin no PermitEmptyPasswords no AllowUsers <new-user> Note: Restart the ‘sshd’ service to apply the changes.
Try to login with old credentials again, login won’t be allowed as only <new-user> is allowed ● Command: ssh <username>@<ip-address> Create that <new-user> account that will have access and perform login ● Command: useradd <new-user> && passwd <password>
Change the port number in ‘sshd_config’ file and restart server ● Command: Port <port-number> On ‘ssh’ terminal perform login on the newly created port ● Command: ssh-p <port-number> <username>@<ip-address>

More Related Content

PPT
Introduction to SSH
byHemant Shah
 
PDF
tutorial-ssh.pdf
byNigussMehari4
 
PDF
Ssh cookbook
byJean-Marie Renouard
 
PDF
Ssh cookbook v2
byJean-Marie Renouard
 
PPT
Presentation nix
byfangjiafu
 
PPT
Presentation nix
byfangjiafu
 
PDF
An introduction to SSH
bynussbauml
 
PPTX
SSh_part_1.pptx
byShelly119532
 
Introduction to SSH
byHemant Shah
 
tutorial-ssh.pdf
byNigussMehari4
 
Ssh cookbook
byJean-Marie Renouard
 
Ssh cookbook v2
byJean-Marie Renouard
 
Presentation nix
byfangjiafu
 
Presentation nix
byfangjiafu
 
An introduction to SSH
bynussbauml
 
SSh_part_1.pptx
byShelly119532
 

Similar to Configure and Secure SSH - RHCSA (RH124).pdf

PPTX
Security Concepts - Linux
byHenry Osborne
 
PPT
SSH.ppt
byPandiya Rajan
 
PPTX
Ssh
byRaghu nath
 
PDF
SSH.pdf
byAnisSalhi3
 
PDF
OpenSSH: keep your secrets safe
byGiovanni Bechis
 
PPTX
AWS SSH Bastion
byGroots Software Technologies.
 
DOCX
Cent os 5 ssh
byAlejandro Besne
 
PPTX
A presentation on SSH (Secure Shell or Secure Socket Shell)
byPrabhat K.C.
 
DOCX
Administering Remote System in Linux
byMohammed Yazdani
 
PDF
SSH how to 2011
byChris Hales
 
PDF
0696-ssh-the-secure-shell.pdf
byAnasElbaz
 
PDF
OpenSSH tricks
byAssem CHELLI
 
PPT
Secure shell protocol
byBaspally Sai Anirudh
 
PPTX
Server hardening
byTeja Babu
 
PPT
Ssh
bygh02
 
DOCX
Research and Analysis of SSH
byMatthew Chang
 
PDF
SSH: Seguranca no Acesso Remoto
byTiago Cruz
 
KEY
Intro to SSH
byJP Bourget
 
TXT
Linuxserver harden
byGregory Hanis
 
PPT
Secure shell ppt
bysravya raju
 
Security Concepts - Linux
byHenry Osborne
 
SSH.ppt
byPandiya Rajan
 
Ssh
byRaghu nath
 
SSH.pdf
byAnisSalhi3
 
OpenSSH: keep your secrets safe
byGiovanni Bechis
 
AWS SSH Bastion
byGroots Software Technologies.
 
Cent os 5 ssh
byAlejandro Besne
 
A presentation on SSH (Secure Shell or Secure Socket Shell)
byPrabhat K.C.
 
Administering Remote System in Linux
byMohammed Yazdani
 
SSH how to 2011
byChris Hales
 
0696-ssh-the-secure-shell.pdf
byAnasElbaz
 
OpenSSH tricks
byAssem CHELLI
 
Secure shell protocol
byBaspally Sai Anirudh
 
Server hardening
byTeja Babu
 
Ssh
bygh02
 
Research and Analysis of SSH
byMatthew Chang
 
SSH: Seguranca no Acesso Remoto
byTiago Cruz
 
Intro to SSH
byJP Bourget
 
Linuxserver harden
byGregory Hanis
 
Secure shell ppt
bysravya raju
 

More from LinuxCert Guru

PDF
Create or Remove files and directories - RHCE.pdf
byLinuxCert Guru
 
PDF
Multiple Tasks Playbook in Ansible - RHCE.pdf
byLinuxCert Guru
 
PDF
Setup Remote Host in Ansible - RHCE .pdf
byLinuxCert Guru
 
PDF
Introduction to Ansible in RHEL- RHCE.pdf
byLinuxCert Guru
 
PDF
Reset RHEL Root User Password - RHCSA.pdf
byLinuxCert Guru
 
PDF
Flatpak CLI Application Management & Building on RHEL.pdf
byLinuxCert Guru
 
PDF
Run Containers in RHEL - RHCSA (RH134).pdf
byLinuxCert Guru
 
PDF
Manage Network Security (Firewall) in RHEL - RHCSA (RH134).pdf
byLinuxCert Guru
 
PDF
Access Network Attached Storage in RHEL - RHCSA (RH134).pdf
byLinuxCert Guru
 
PDF
Implement Advanced Storage in RHEL - RHCSA (RH134).pdf
byLinuxCert Guru
 
PDF
Manage Logical Volume in RHEL - RHCSA (RH134).pdf
byLinuxCert Guru
 
PDF
Manage Basic Storage in RHEL - RHCSA (RH134).pdf
byLinuxCert Guru
 
PDF
Managing SELinux Security - RHCSA (RH134).pdf
byLinuxCert Guru
 
PDF
Control Access to Files with ACL - RHCSA (RH134).pdf
byLinuxCert Guru
 
PDF
Tune System Performance - RHCSA (RH134).pdf
byLinuxCert Guru
 
PDF
Schedule Future Tasks - RHCSA (RH134).pdf
byLinuxCert Guru
 
PDF
Improve Command Line Productivity - RHCSA (RH134).pdf
byLinuxCert Guru
 
PDF
Analyze Servers and Get Support - RHCSA (RH124).pdf
byLinuxCert Guru
 
PDF
Manage Networking in RHEL - RHCSA (RH124).pdf
byLinuxCert Guru
 
PDF
Install and Update Software - RHCSA (RH124).pdf
byLinuxCert Guru
 
Create or Remove files and directories - RHCE.pdf
byLinuxCert Guru
 
Multiple Tasks Playbook in Ansible - RHCE.pdf
byLinuxCert Guru
 
Setup Remote Host in Ansible - RHCE .pdf
byLinuxCert Guru
 
Introduction to Ansible in RHEL- RHCE.pdf
byLinuxCert Guru
 
Reset RHEL Root User Password - RHCSA.pdf
byLinuxCert Guru
 
Flatpak CLI Application Management & Building on RHEL.pdf
byLinuxCert Guru
 
Run Containers in RHEL - RHCSA (RH134).pdf
byLinuxCert Guru
 
Manage Network Security (Firewall) in RHEL - RHCSA (RH134).pdf
byLinuxCert Guru
 
Access Network Attached Storage in RHEL - RHCSA (RH134).pdf
byLinuxCert Guru
 
Implement Advanced Storage in RHEL - RHCSA (RH134).pdf
byLinuxCert Guru
 
Manage Logical Volume in RHEL - RHCSA (RH134).pdf
byLinuxCert Guru
 
Manage Basic Storage in RHEL - RHCSA (RH134).pdf
byLinuxCert Guru
 
Managing SELinux Security - RHCSA (RH134).pdf
byLinuxCert Guru
 
Control Access to Files with ACL - RHCSA (RH134).pdf
byLinuxCert Guru
 
Tune System Performance - RHCSA (RH134).pdf
byLinuxCert Guru
 
Schedule Future Tasks - RHCSA (RH134).pdf
byLinuxCert Guru
 
Improve Command Line Productivity - RHCSA (RH134).pdf
byLinuxCert Guru
 
Analyze Servers and Get Support - RHCSA (RH124).pdf
byLinuxCert Guru
 
Manage Networking in RHEL - RHCSA (RH124).pdf
byLinuxCert Guru
 
Install and Update Software - RHCSA (RH124).pdf
byLinuxCert Guru
 

Recently uploaded

PPTX
Sephora UAE API Service Real-Time Product & Price Data Access.pptx
bycreativeclicks1733
 
PPTX
Getting Started with MSP360 Backup for M365/Google
byMSP360
 
PDF
From Pixels to Insights: Getting Started with Imagery in FME
bySafe Software
 
PPTX
2025 - AI terms & Meanings for Marketers
byashishav29
 
PDF
Private Governance: How Decentralized Mechanisms Can Regulate the Crypto Economy
byFederico Ast
 
PDF
Cybersecurity in ASEAN and Singapore Columbia SIPA 2025.pdf
byBenjamin Ang
 
PDF
ENTSO-E's Response to the European Commission Call for Evidence on the Strate...
byReynir Orn Bachmann Gudmundsson
 
PDF
The Future-Ready PMO: Unlocking Project Success with Copilot and AI Innovatio...
byWellingtone
 
PDF
How Tridens DevSecOps Ensures Compliance, Security, and Agility
byTridens
 
PDF
Writing GPU-Ready AI Models in Pure Java with Babylon
byAna-Maria Mihalceanu
 
PDF
Supercharge Your JVM with Project Leyden
byAna-Maria Mihalceanu
 
PDF
RR B.Ed. educational trust. Ashish Tiwari
byat386834
 
PPTX
A GREEN BUSINESS TOOLKIT FOR EARLY-STAGE ENTREPRENEURS (1).pptx.pptx
bylearnskillsofficial1
 
PDF
Exclusive Hands-On Workshop: Agentic Automation with UiPath (First Edition)
byanabulhac
 
PPSX
AppSec Role Based Training OWASP Global AppSec USA 2025-11-06
byRobert Grupe, CSSLP CISSP PE PMP
 
PDF
Dr. Robert Krug - Specializes In Predictive Modeling
byDr. Robert Krug
 
PDF
Save administrator time with the automated remediation capabilities of Red Ha...
byPrincipled Technologies
 
PDF
Revolutionizing SQL Database Design for the Modern Era.pdf
bySQL DBM
 
PPTX
Odoo_by_Infinys_All_in_One_Business_Solution_for_Small_Companies.pptx
byAgusto Sipahutar
 
PDF
Upskill to Agentic Automation - Working Smarter with AI: Real-World Tools for...
byDianaGray10
 
Sephora UAE API Service Real-Time Product & Price Data Access.pptx
bycreativeclicks1733
 
Getting Started with MSP360 Backup for M365/Google
byMSP360
 
From Pixels to Insights: Getting Started with Imagery in FME
bySafe Software
 
2025 - AI terms & Meanings for Marketers
byashishav29
 
Private Governance: How Decentralized Mechanisms Can Regulate the Crypto Economy
byFederico Ast
 
Cybersecurity in ASEAN and Singapore Columbia SIPA 2025.pdf
byBenjamin Ang
 
ENTSO-E's Response to the European Commission Call for Evidence on the Strate...
byReynir Orn Bachmann Gudmundsson
 
The Future-Ready PMO: Unlocking Project Success with Copilot and AI Innovatio...
byWellingtone
 
How Tridens DevSecOps Ensures Compliance, Security, and Agility
byTridens
 
Writing GPU-Ready AI Models in Pure Java with Babylon
byAna-Maria Mihalceanu
 
Supercharge Your JVM with Project Leyden
byAna-Maria Mihalceanu
 
RR B.Ed. educational trust. Ashish Tiwari
byat386834
 
A GREEN BUSINESS TOOLKIT FOR EARLY-STAGE ENTREPRENEURS (1).pptx.pptx
bylearnskillsofficial1
 
Exclusive Hands-On Workshop: Agentic Automation with UiPath (First Edition)
byanabulhac
 
AppSec Role Based Training OWASP Global AppSec USA 2025-11-06
byRobert Grupe, CSSLP CISSP PE PMP
 
Dr. Robert Krug - Specializes In Predictive Modeling
byDr. Robert Krug
 
Save administrator time with the automated remediation capabilities of Red Ha...
byPrincipled Technologies
 
Revolutionizing SQL Database Design for the Modern Era.pdf
bySQL DBM
 
Odoo_by_Infinys_All_in_One_Business_Solution_for_Small_Companies.pptx
byAgusto Sipahutar
 
Upskill to Agentic Automation - Working Smarter with AI: Real-World Tools for...
byDianaGray10
 

Configure and Secure SSH - RHCSA (RH124).pdf

  • 1.
  • 2.
    Shell ● Command-line interfaceto interact with OS ● Default shell in RHEL is Bash(Bourne again shell) ● Other types of shells are sh, zsh, ksh, csh
  • 3.
    Secure SHell(SSH) ● Majorprotocol to access remote servers. ● Sends the information in encrypted form. ● Works on port #22 ● sshd is the service daemon ● Open-ssh is its software implementation ● Key Features: ○ Secure remote access ○ Authentication: (passwords & public key cryptography) ○ Configurable
  • 5.
    Install the openssh-server ●Command: yum install openssh-server Start and enable the ssh ● Command: systemctl start ssh && sudo systemctl enable ssh
  • 6.
    Create a user ●Command: useradd <username> Set a password for the user ● Command: passwd <username>
  • 7.
    Edit the 'sshd_config'file to add custom configurations to secure SSH server ● Command: vi <path-to-sshd-config> Note: Find the line 'PasswordAuthentication no' and change it to 'PasswordAuthentication yes' and then save the file.
  • 8.
    Make changes tothe ‘sshd’ redhat configuration file. ● Command: vi <path-to-sshd-redhat-config> Note: Find the line 'ChallengeResponseAuthentication no' to 'ChallengeResponseAuthentication yes' and save the file.
  • 9.
    Restart the 'sshd'service to apply the changes made to the config files. ● Command: systemctl restart sshd Connect to the machine using the 'ssh' command in new terminal. ● Command: ssh <username>@<ip-address>
  • 10.
    Switch back toterminal and configure the SSH server to make it more secure. ● Command: cp <path-to-sshd-config> <path-to-sshd-config-backup> Note: Keep a backup of the original 'sshd_config' file before making any changes.
  • 11.
    Edit the 'sshd_config'file to add custom configurations to secure SSH server by adding these lines. ● Command: vi <path-to-sshd-config> Note: Restart the ‘sshd’ service to apply the changes.
  • 12.
    Re-login with sameusername and wait for sometime to notice the logs and debug messages ● Command: ssh-vvv <username>@<ip-address>
  • 13.
    Disable root loginand empty passwords and limit users to student in ‘sshd_config’ file ● Command: PermitRootLogin no PermitEmptyPasswords no AllowUsers <new-user> Note: Restart the ‘sshd’ service to apply the changes.
  • 14.
    Try to loginwith old credentials again, login won’t be allowed as only <new-user> is allowed ● Command: ssh <username>@<ip-address> Create that <new-user> account that will have access and perform login ● Command: useradd <new-user> && passwd <password>
  • 15.
    Change the portnumber in ‘sshd_config’ file and restart server ● Command: Port <port-number> On ‘ssh’ terminal perform login on the newly created port ● Command: ssh-p <port-number> <username>@<ip-address>