To totally unlock this section you need to Log-in
Login
OpenSSH is already installed by default even if you installed CentOS with "Minimal Install", so it's not necessarry to install new packages. You can login with Password Authentication by default, but change some settings for security like follows.
[root@dlp ~]# vi /etc/ssh/sshd_config # At line 48: uncomment and change ( prohibit root login remotely ) PermitRootLogin no # At line 77: uncomment PermitEmptyPasswords no PasswordAuthentication yes [root@dlp ~]# systemctl restart sshd
If Firewalld is running, allow SSH service. SSH uses 22/TCP port.
[root@dlp ~]# firewall-cmd --add-service=ssh --permanent success [root@dlp ~]# firewall-cmd --reload success
SSH Service in CentOS
If you just simply wish to turn on the SSH service in CentOS, issue the following command: service sshd start.
This will turn on the SSH service and allow users to connect to the computer using SSH on port 22. Now to turn off this service you could issue the command: service sshd stop.
Automatically Running the SSH Service
If you wish to have the SSH daemon run automatically as the computer boots up, issue the command: chk sshd on.
This will allow the SSH service to run every time you start up your computer.
SSH Configuration File
To make edits to the configuration of SSH edit the file located at /etc/ssh/sshd_config. One configuration you may want to change in the /etc/ssh/sshd_config file is to restrict the root user from accessing the server via SSH.
Since the root user is the default administrative user account, this user would be the most likely to be used in login attacks against your computer. So it is a good idea to create another account on your system that has sudo privileges and login using that account.
To restrict the root user from logging in via SSH open the SSH config file by entering the terminal command:
nano /etc/ssh/sshd-config
Locate the line that reads #PermitRootLogin yes, as seen previously. Remove the # symbol and change yes to no. Save the file and restart the SSH service by issuing the following command:
service sshd restart
Configure SSH Client on CentOS
Install SSH Client.
[root@client ~]# yum -y install openssh-clients
Connect to the SSH server with a common user.
# ssh [username@(hostname or IP address)] [root@client ~]# ssh [email protected] The authenticity of host 'dlp.server.world ()' can't be established. ECDSA key fingerprint is xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:60:90:d8. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'dlp.server.world' (ECDSA) to the list of known hosts. [email protected]'s password: # password of the user [cent@dlp ~]$ # just logined
It's possbile to execute commands on remote host with SSH like follows.
# for example, execute "cat /etc/passwd" [cent@client ~]$ ssh [email protected] "cat /etc/passwd" [email protected]'s password: root:x:0:0:root:/root:/bin/bash bin:x:1:1:bin:/bin:/sbin/nologin ... ... postfix:x:89:89::/var/spool/postfix:/sbin/nologin sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
Configure SSH Client on Windows
Get a software which you can login with SSH from Windows clients. This example shows to use Putty. Install and start it and input your server's IP address and Click 'Open' button like follows.
After succeccing authentication, it's possible to login like follows.