Differences
This shows you the differences between two versions of the page.
linux_wiki:configure_additional_options_described_in_documentation [2016/10/06 21:42] billdozor [SSHD Config File] |
linux_wiki:configure_additional_options_described_in_documentation [2019/05/25 23:50] |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== Configure Additional Options Described In Documentation ====== | ||
- | |||
- | **General Information** | ||
- | |||
- | Additional SSH options. | ||
- | |||
- | ---- | ||
- | |||
- | ====== Initial Setup ====== | ||
- | |||
- | Install package and generates system keys (should almost always be installed) | ||
- | <code bash> | ||
- | yum install openssh-server | ||
- | </ | ||
- | * openssl is a dependency | ||
- | |||
- | \\ | ||
- | Enable and start sshd | ||
- | <code bash> | ||
- | systemctl enable sshd | ||
- | systemctl start sshd | ||
- | </ | ||
- | |||
- | \\ | ||
- | Allow through firewall | ||
- | <code bash> | ||
- | firewall-cmd --permanent --add-service=ssh | ||
- | firewall-cmd --reload | ||
- | </ | ||
- | |||
- | ====== SSHD Config File ====== | ||
- | |||
- | * SSH Daemon config file: / | ||
- | * Configure additional options here | ||
- | * See man sshd_config | ||
- | |||
- | Some useful options | ||
- | * Port -> TCP listening port for sshd | ||
- | * PermitRootLogin -> Allow/ | ||
- | * MaxAuthTries -> Number of authentication tries. When 1/2 the number is reached, failures are logged. | ||
- | * MaxSessions -> Max number of ssh sessions from one IP address | ||
- | * AllowUsers -> Space-separated list of users allowed to connect | ||
- | * PasswordAuthentication -> Whether to allow password authentication or not. | ||
- | * GSSAPIAuthentication -> Authentication through GSSAPI enabled or disabled. Used for kerberos | ||
- | * ClientAliveInterval -> Interval in seconds packets are sent to the client to see if the client is still alive. | ||
- | * ClientAliveCountMax -> Number of client alive packets to send. | ||
- | * UseDNS -> Use DNS name lookup to match an incoming IP address to name. (if on) | ||
- | |||
- | ---- | ||
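Review bot: the new revision (2019/05/25 23:50) is empty, so everything from the page title through the "SSHD Config File" option list is removed with no pointer to where this material now lives. If it was moved or merged elsewhere, leave a short redirect or link in place of a blank page. If the text is being carried over, fix the removed MaxSessions line on the way: it describes the limit as "from one IP address", but sshd_config applies MaxSessions per network connection. The truncated config file path and the cut-off PermitRootLogin description in the same list would also need restoring from an intact revision, not from this diff view.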