This is an old revision of the document!
Configure Additional Options Described In Documentation
General Information
Additional SSH options.
Initial Setup
Install package and generates system keys (should almost always be installed)
yum install openssh-server
- openssl is a dependency
Enable and start sshd
systemctl enable sshd
systemctl start sshd
Allow through firewall
firewall-cmd --permanent --add-service=ssh firewall-cmd --reload
SSHD Config File
- SSH Daemon config file: /etc/ssh/sshd_config
- Configure additional options here
- See man sshd_config
Some useful options
- Port → TCP listening port for sshd
- PermitRootLogin → Allow/disallow root login
- MaxAuthTries → Number of authentication tries. When 1/2 the number is reached, failures are logged.
- MaxSessions → Max number of ssh sessions from one IP address
- AllowUsers → Space-separated list of users allowed to connect
- PasswordAuthentication → Whether to allow password authentication or not.
- GSSAPIAuthentication → Authentication through GSSAPI enabled or disabled. Used for kerberos
- ClientAliveInterval → Interval in seconds packets are sent to the client to see if the client is still alive.
- ClientAliveCountMax → Number of client alive packets to send.
- UseDNS → Use DNS name lookup to match an incoming IP address to name. (if on)