Installation and Configuration

OpenSSH may or may not be installed on your system by default. When the SSH server (sshd) runs for the first time, it generates a host key for your machine. This key will serve to authenticate your host in subsequent SSH sessions. Then you will typically want to create SSH authentication keys for your own personal account, as well as the root account. After that, as the administrator you should review the configuration of sshd, to see that you are comfortable with it.

The standard place for the central configuration of OpenSSH is the /etc/ssh directory. Here you will find the server configuration in sshd_config and default client configuration in ssh_config. Here are some highlights from the server configuration as installed on Debian:

# What ports, IPs and protocols we listen for
Port 22
Protocol 2

Port 22 is the standard port for the SSH protocol. Version 2 of the protocol is the most secure, whereas version 1 has some flaws that were hard to overcome. It is recommended to accept only version 2 now. To support both versions, put 2, 1 on the Protocol line of the configuration file.

Get LPI Linux Certification in a Nutshell, 3rd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.