How to install OpenSSH on Linux


Use apt-get or yum to install OpenSSH.

[root@server1 ~]# yum install openssh-server

 

Enable OpenSSH, start OpenSSH, and ensure OpenSSH is active and running.

[root@server1 ~]# systemctl enable sshd
[root@server1 ~]# systemctl start sshd
[root@server1 ~]# systemctl status sshd

 

After OpenSSH is active and running, connect using the Linux Terminal or connect using PuTTY. If you are unable to connect to the SSH server, view the SSH logs.

[root@server1 ~]# tail /var/log/auth.log
[root@server1 ~]# tail /var/log/secure

 

The last command can be used to confirm that a user is able to make an SSH connection to the OpenSSH server. In this example, john.doe made an SSH connection to the server from client1.example.com. Root did not make an SSH connection to the server, as root connected from server1.example.com, which is the same exact hostname as the OpenSSH server in this example.

[root@server1 ~]# last
john.doe  /dev/pts/0   client1.example.com  Thu Jan 12 12:04  still logged in
root      /dev/tty1    server1.example.com  Wed Jan 11 12:54 - 13:13  (00:19)
reboot    system boot  3-10-0-327.e17.x     Wed Jan 11 12:52 - 13:10  (00:01)
. . .

 

The /var/log/auth.log or /var/log/secure file will also show SSH connections. In this example, john.doe made an SSH connection to the OpenSSH server.

[root@server1 ~]# tail /var/log/secure
May  6  21:29:10 server1 sshd[15970]: pam_unix(sshd:session): session open for user john.doe by (uid=0)
. . .
May  6  21:51:09 server1 sshd[15970]: pam_unix(sshd:session): session closed for user john.doe

 


Security

 

To ensure the OpenSSH server is secured, view the /var/log/auth.log or /var/log/secure file.

[root@server1 ~]# tail -30 /var/log/auth.log
[root@server1 ~]# tail -30 /var/log/secure

 

The log typically shows attempted connections from foreign IP addresses, with a message such as "refused connect from <foreign IP address>".

 

If the log file shows numerous sshd events from a foreign IP address with the message "Failed password for root from <IP address>", connections to the OpenSSH server from external hosts are allowed. In this example, an external host is using brute force in an attempt to guess the root password and make an SSH connection to our server. In this scenario, /etc/hosts.allow, /etc/hosts.deny or iptables was not properly configured to refuse SSH connections from foreign hosts.
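
One way to spot the brute-force pattern described above, as an added example that is not part of the original page: the shell function below counts "Failed password" lines per source address and reports how many of them targeted root. The function names, the threshold and the sample log lines are constructed for illustration; the address is read from the end of each line because the user name in the message is chosen by the connecting client.

```shell
#!/bin/sh
# Constructed sample of sshd log lines (documentation IP ranges, made-up PIDs).
sample_log() {
    cat <<'EOF'
Jan 12 03:14:01 server1 sshd[2211]: Failed password for root from 203.0.113.5 port 51234 ssh2
Jan 12 03:14:03 server1 sshd[2211]: Failed password for root from 203.0.113.5 port 51234 ssh2
Jan 12 03:14:06 server1 sshd[2213]: Failed password for invalid user admin from 203.0.113.5 port 51240 ssh2
Jan 12 03:15:10 server1 sshd[2220]: Failed password for john.doe from 198.51.100.7 port 40022 ssh2
Jan 12 03:15:30 server1 sshd[2220]: Accepted password for john.doe from 198.51.100.7 port 40022 ssh2
Jan 12 03:16:00 server1 sshd[2231]: Failed password for invalid user x from 192.0.2.9 port 1 ssh2 from 203.0.113.5 port 51300 ssh2
EOF
}

# failed_ssh_summary [MIN] < logfile
# Prints "address total_failures root_failures" for every source address with
# at least MIN failed password attempts (default 3), busiest address first.
failed_ssh_summary() {
    awk -v min="${1:-3}" '
        # The user name is supplied by the client and may itself contain
        # " from <address>", so take the address from the fixed tail of the
        # line: ... from <address> port <n> ssh2
        / sshd\[[0-9]+\]: Failed password for / &&
        $(NF-4) == "from" && $(NF-2) == "port" {
            ip = $(NF-3)
            total[ip]++
            if ($0 ~ /: Failed password for root from /) root[ip]++
        }
        END {
            for (ip in total)
                if (total[ip] >= min)
                    printf "%s %d %d\n", ip, total[ip], root[ip] + 0
        }
    ' | sort -k2,2nr -k1,1
}

# Example run on the constructed sample; on a real server pipe in
# /var/log/secure or /var/log/auth.log instead.
sample_log | failed_ssh_summary 3
```

An address that appears in this output with a high count is one to refuse in /etc/hosts.deny or iptables, as described above.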

 


PKI

By default, OpenSSH is configured to allow connections using the following methods:

  • username / password
  • public / private key pair (PKI)

For the best security, configure OpenSSH to only allow connections using a public / private key pair.

 


