As we all know that every server can be accessible through two ways i.e through Interface and through Terminal. SSH is the protocol mainly used to connect a server remotely in a secure way. Through this SSH program, we can execute commands on the remote server machine, since this protocol provides a secured encrypted connection mode. It is very reliable to use and executes the commands effectively.
The SSH connection request and authenticated, protected remote access is made through the daemon called sshd. sshd(OpenSSH) is a daemon program for ssh, that uninterruptedly runs at the background of Linux/Unix-based servers to support ssh remote program access. The main difference between this daemon and ssh is that “ssh is a command that is used to connect and control remote machines and sshd is the daemon program that serves for ssh connection”.
This sshd process daemon frequently listens to the server network for incoming remote SSH connection requests. This daemon program allows the remote login request in a very secure manner and also supports files transfer by neglecting the risk of credential or network spoofing, in such a way that your server will be in a secured place. By default the sshd daemon (OpenSSH) supports protocols 1 and 2, perhaps we shall edit this protocol options through the sshd_config file. The protocol 2 supports both DSA and RSA keys, but protocol 1 supports RSA key alone. These both two protocols has the host key to identify the host.
The below commands can be useful to change SSH configurations through ssh daemon’s config file, i.e ssh_config,
To strict the IP address versions, use the following commands
sshd -4 sshd -6
In above commands -4 and -6 represents the version of IP addresses, i.e IPv4 or IPv6
To increase the grace time of SSH i.e the allowed time for an SSH client to authenticate its login, use the command
stud -g 15
In the above command, the numeric 15 represents that the grace time of 15 seconds for an SSH client to ensure or authenticate it’s login.
To change your SSH from default to some another port number,
Every sshd_config having the port number 22 as default SSH access, it meant that the port 22 is responsible for all encrypted connection. All the SSH remote connection happens through this port. We ServerCake India highly recommend you to change the default SSH port number, All you need to do is to replace the port number with your desired port. The below steps will help you to complete this task.
Step 1: Login your SSH as root user
Step 2: Run the below command as a root user
vi /etc/ssh/sshd_config
In the above command, we used vi Editor, you may use your favorite editor instead.
Step 3: Once the sshd_config audible for Edit, Fin the #Port 22 line and replace the port number 22 with your desired port number and save the file.
Step 4: Restart the sshd service to apply the recently made changes
service sshd restart
Step 2: Run the below command as a root user and find the parameter – PermitRootLogin Yes, change this to no
vi /etc/ssh/sshd_config
Step 4: Restart the sshd service to apply the recently made changes
service sshd restart
su
command that will bring you to root login