Configure Additional Options Described In Documentation

General Information

Additional SSH options.

Lab Setup

The following virtual machines will be used:

  • ( → The SSH client
  • ( → The SSH server

Initial Setup

Install package and generates system keys (should almost always be installed)

yum install openssh-server
  • openssl is a dependency

Enable and start sshd

systemctl enable sshd
systemctl start sshd

Allow through firewall

firewall-cmd --permanent --add-service=ssh
firewall-cmd --reload

SSHD Config File

  • SSH Daemon config file: /etc/ssh/sshd_config
    • Configure additional options here
    • See man sshd_config

Some useful options

  • Port → TCP listening port for sshd
  • PermitRootLogin → Allow/disallow root login
  • MaxAuthTries → Number of authentication tries. When 1/2 the number is reached, failures are logged.
  • MaxSessions → Max number of ssh sessions from one IP address
  • AllowUsers → Space-separated list of users allowed to connect
  • DenyUsers → Space-separated list of users to deny conections
  • PasswordAuthentication → Whether to allow password authentication or not.
  • GSSAPIAuthentication → Authentication through GSSAPI enabled or disabled. Used for kerberos
  • ClientAliveInterval → Interval in seconds packets are sent to the client to see if the client is still alive.
  • ClientAliveCountMax → Number of client alive packets to send.
  • UseDNS → Use DNS name lookup to match an incoming IP address to name. (if on)

  • linux_wiki/configure_additional_options_described_in_documentation.txt
  • Last modified: 2019/05/25 23:50
  • (external edit)