Thursday, August 04, 2011

SSH Tricks

SSH is a powerful tool that allows you to remotely operate another machine. Here you'll find some tips about SSH.
Basic Usage
The most typical usage of SSH is something like this:

ssh dmelo@merov
Here dmelo is the user name and merov [1] is the name of the host being accessed. When you run this command, ssh opens a TCP connection to port 22 on the host merov (an IP address works too) and requests a secure remote shell for the user dmelo. You'll be prompted for your password. The user name and the password must match the /etc/passwd file, which is the default for authentication.

Installing and configuring a SSH server
By default, the ssh client is present on most Linux distributions but the ssh server is not. To install the ssh server on Ubuntu, install the package openssh-server.

sudo apt-get install openssh-server
No further configuration is necessary to get the ssh server working: after that command, apt installs and starts the server. But there are some security considerations that I will cover here. There are a lot of robots trying to hack machines over the internet, and a good number of them try it via ssh. These robots try to open a connection to port 22 to check whether an ssh server is running. When a robot finds a machine with ssh, it starts trying to log in to that machine. There are three simple actions that can help you prevent that kind of attack.

    Disable ssh root access
    Change the ssh port
    Be sure that none of the users has a weak password

When you log in using ssh, you have to provide a user and a password. One user that every Linux machine has is root. If a cracker gets root access to a machine, nothing (almost nothing) can stop him. When a robot searches for ssh servers, it usually tries only port 22. If your ssh server listens on a different port, you'll avoid most of them. Weak passwords are a big problem, since a robot can try to connect many times and sooner or later it will find a user with a weak password.

To disable root access, edit the file /etc/ssh/sshd_config. Don't forget that you need superuser privileges for that:

sudo gedit /etc/ssh/sshd_config

On the line with PermitRootLogin yes, replace 'yes' with 'no'. In the same file you can change the port: look for the line Port 22 and replace 22 with another number. Be sure the new port is not used by other software, and prefer ports above 1024, such as 2222. After that you have to restart the server.

sudo sh /etc/init.d/ssh restart
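
A way to check the two sshd_config edits described above. This is an added example, not part of the original post, and the function names and sample file contents are constructed for illustration. It relies on two documented sshd_config rules: for each keyword the first value read is the one used, and Port may be listed more than once.

```shell
#!/bin/sh
# Added example: audit the global section of an sshd_config file for the
# PermitRootLogin and Port settings discussed above.

# sshd_values FILE KEYWORD: print every value of KEYWORD in file order.
# Keywords are case-insensitive, "Keyword=value" is accepted, and parsing
# stops at the first Match block because settings inside it are conditional.
sshd_values() {
    awk -F'[ \t=]+' -v key="$2" '
        { sub(/^[ \t]+/, "") }              # drop indentation; awk re-splits $0
        /^#/ || NF == 0 { next }            # skip comments and blank lines
        tolower($1) == "match" { exit }
        tolower($1) == tolower(key) { gsub(/"/, "", $2); print $2 }
    ' "$1"
}

audit_sshd_config() {
    file=$1
    # Single-value keyword: sshd keeps the FIRST value it reads.
    root=$(sshd_values "$file" PermitRootLogin | head -n 1)
    case $root in
        no) echo "OK   PermitRootLogin no" ;;
        '') echo "WARN PermitRootLogin not set, the compiled-in default applies" ;;
        *)  echo "FAIL PermitRootLogin $root is the effective value" ;;
    esac
    [ $(sshd_values "$file" PermitRootLogin | wc -l) -gt 1 ] &&
        echo "WARN PermitRootLogin appears more than once, only the first counts"
    # Port may be repeated: sshd listens on every port listed (22 if none).
    ports=$(sshd_values "$file" Port)
    for p in ${ports:-22}; do
        if [ "$p" -eq 22 ]; then echo "WARN Port 22 is the default that robots probe"
        elif [ "$p" -lt 1024 ]; then echo "WARN Port $p is below 1024"
        else echo "OK   Port $p"; fi
    done
    # Files pulled in by Include are not followed here.
    [ -n "$(sshd_values "$file" Include)" ] &&
        echo "NOTE Include present, audit the included files too"
    return 0
}

# Constructed sample: the fix was appended at the bottom, so sshd ignores it.
sample=$(mktemp)
printf '%s\n' 'Port 22' 'PermitRootLogin yes' '#PermitRootLogin no' \
    'Port 2222' 'PermitRootLogin no' > "$sample"
audit_sshd_config "$sample"
rm -f "$sample"
```

On a live server, `sudo sshd -t` checks the file for syntax errors before you restart, and `sudo sshd -T` prints the configuration the daemon will actually use.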


Running graphical software
That's the basic stuff; let's make things a little more interesting. Usually you can only use non-graphical software. SSH has a way to export X from the remote machine to yours. To do that, add the flag `-X`.

ssh -X dmelo@merov


Read more: diogomelo.net