SSH (Secure Shell) is the standard for remote login on Linux machines. It was introduced as a replacement for telnet and offers enhanced features. From Wikipedia: “Secure Shell (SSH) is a cryptographic network protocol for secure data communication, remote command-line login, remote command execution, and other secure network services between two networked computers”.
SSH encrypts data by creating a secure channel between a client running an SSH client program and a server running an SSH server program. It uses public-key cryptography with two keys (public and private) to create a secure connection. With this tunnel in place, all sensitive information, such as usernames and passwords, is encrypted.
CentOS distributions ship with the ssh server and client applications installed. You can verify that these packages are installed by executing rpm -qa | grep ssh.
If you need to install the ssh client or server package, execute the following command: yum install package_name. To search for a particular package, execute yum search ssh.
Execute rpm -ql package_name to see the contents of an installed rpm package.
The sshd (daemon) server has its configuration files stored under /etc/ssh.
You can search for all ssh related files by executing: find / -name \*ssh\* -type f
All configuration parameters for the server are stored in /etc/ssh/sshd_config.
By default, the ssh server listens on port 22. If you want to change the listening port, remove the comment from the Port line and set the new port number. The ssh private and public host keys are stored in the same /etc/ssh directory. There are many options available in the configuration file, so check the man page for sshd_config if you want to customize it.
The four keys stored in the ssh folder are the following:
Private RSA key (v2): ssh_host_rsa_key
Public RSA key (v2): ssh_host_rsa_key.pub
Private DSA key (v2): ssh_host_dsa_key
Public DSA key (v2): ssh_host_dsa_key.pub
Private RSA key (v1): ssh_host_key
Public RSA key (v1): ssh_host_key.pub
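An added example, not part of the original article: it reads an sshd_config file to report the port that applies when the Port line is still commented out, and flags private host keys from the list above that other users can access. The function names and the sample files created in a temporary directory are constructed for illustration.

```shell
#!/bin/sh
# sshd_values FILE KEYWORD DEFAULT
# Print each active global value of KEYWORD in FILE (keywords are
# case-insensitive), or DEFAULT when every occurrence is commented out.
sshd_values() {
    awk -v key="$2" -v def="$3" '
        $1 ~ /^#/                   { next }   # commented-out line
        tolower($1) == "match"      { exit }   # later settings are conditional
        tolower($1) == tolower(key) { print $2; found = 1 }
        END { if (!found) print def }
    ' "$1"
}

# world_accessible FILE: succeed if "other" has any permission bit on FILE.
world_accessible() {
    [ "$(ls -ld "$1" | cut -c8-10)" != "---" ]
}

# audit_host_keys DIR: one line per private host key file found in DIR.
audit_host_keys() {
    for name in ssh_host_rsa_key ssh_host_dsa_key ssh_host_key; do
        key="$1/$name"
        [ -f "$key" ] || continue
        if world_accessible "$key"; then
            echo "BAD  $name"
        else
            echo "OK   $name"
        fi
    done
}

# Constructed sample: a config whose Port line is still commented out,
# and two empty stand-in key files, one with permissions that are too open.
demo_dir=$(mktemp -d)
cat > "$demo_dir/sshd_config" <<'EOF'
#Port 22
Protocol 2
HostKey /etc/ssh/ssh_host_rsa_key
EOF
: > "$demo_dir/ssh_host_rsa_key"; chmod 600 "$demo_dir/ssh_host_rsa_key"
: > "$demo_dir/ssh_host_dsa_key"; chmod 644 "$demo_dir/ssh_host_dsa_key"

echo "Port: $(sshd_values "$demo_dir/sshd_config" Port 22)"
audit_host_keys "$demo_dir"
```

On a live server, sshd -T (run as root) prints the effective configuration as the daemon itself parsed it.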
When you install the openssh software the keys will be generated automatically, but if you need to generate them manually, execute the following command:
ssh-keygen -t rsa -N '' -f ssh_host_rsa_key
The pid file for sshd is stored in /var/run/sshd.pid.
The /etc/ssh/ssh_config file is the configuration file for the ssh client. To open an SSH connection to a remote machine, simply type ssh username@machine_name.