SSH Components

The SSH software consists of a small suite of utilities that perform different functions. We’re not going to give you an overview of every feature of these utilities. Instead, we’re going to look at the functions and parameters that you should know in order to operate an SSH VPN: both those you should use and those you might be better off not using. For other functionality, we suggest checking the manpages for each of these tools.

sshd

The SSH server daemon is called sshd. As shown in Section 8.2, it’s normally started from an rc file. When launched, it generates the first instance of the server key pair. For this reason, starting sshd from inetd is typically not recommended: inetd launches a new sshd each time somebody makes a connection, so the server key is generated again for every connection. This server key generation adds time to the login, sometimes on the order of tens of seconds, depending upon the speed of your machine, its load, and the size of the server key you choose. In some cases this delay will be unacceptable, or at the very least annoying.

sshd has a configuration file called /etc/sshd_config, which lets you set a number of default runtime and security parameters, including port, server key bits, and the types of authentication allowed.
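The following is an added example, not code from the book: a small Python check that reads sshd_config-style text and reports the three settings named above (port, server key bits, and enabled authentication types). The sample configuration is constructed, the keyword names in it are assumed to match your sshd version, and the parser assumes the first occurrence of a keyword wins; the minimum key size is a policy value the caller supplies.

```python
# Added example: summarise port, server key bits and authentication
# types from sshd_config-style text. Not code from the book.

SAMPLE_CONFIG = """\
# constructed sample configuration
Port 22
ServerKeyBits 768
PasswordAuthentication yes
RhostsAuthentication no
RSAAuthentication yes
# duplicate keyword below is ignored (assumed: first occurrence wins)
port 2222
"""

def parse_sshd_config(text):
    """Return {lowercased keyword: value}; the first occurrence is kept."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):   # skip blanks and comments
            continue
        parts = line.split(None, 1)
        if len(parts) != 2:                    # keyword without a value
            continue
        settings.setdefault(parts[0].lower(), parts[1].strip())
    return settings

def summarise(text, min_server_key_bits):
    """Report the settings the text names.

    min_server_key_bits is the caller's own policy threshold
    (an assumption of this example, not a value from the book).
    """
    cfg = parse_sshd_config(text)
    raw_bits = cfg.get("serverkeybits")
    bits = int(raw_bits) if raw_bits and raw_bits.isdigit() else None
    enabled = sorted(k for k, v in cfg.items()
                     if k.endswith("authentication") and v.lower() == "yes")
    return {
        "port": cfg.get("port"),               # None: built-in default applies
        "server_key_bits": bits,
        "server_key_below_policy": bits is not None and bits < min_server_key_bits,
        "enabled_auth": enabled,
    }

if __name__ == "__main__":
    print(summarise(SAMPLE_CONFIG, min_server_key_bits=1024))
```
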

Useful sshd parameters for our purposes

No parameters are normally needed to launch the SSH daemon, but a few are useful when you want to change how it runs.

-b bits

You can set the length of the server key with this option. The default server key ...
