OpenSSH : Password Authentication2021/07/19 |
|
Configure SSH Server to operate servers from remote computers.
|
|
| [1] | OpenSSH is already installed by default even if you installed Rocky Linux with [Minimal] Install, so it does not need to install new packages. You can login with Password Authentication by default. However by default, root user account is allowed to login, so it had better to change the setting. |
|
[root@dlp ~]#
vi /etc/ssh/sshd_config # line 43 : change ( prohibit root login ) # for other options, there are [prohibit-password], [forced-commands-only] PermitRootLogin no
systemctl restart sshd |
| [2] | If Firewalld is running, allow SSH service. SSH uses [22/TCP]. |
|
[root@dlp ~]# firewall-cmd --add-service=ssh success [root@dlp ~]# firewall-cmd --runtime-to-permanent success |
|
SSH Client : Rocky Linux
|
|
Configure SSH Client for Rocky Linux.
|
|
| [3] | Install SSH Client. |
|
[root@node01 ~]# dnf -y install openssh-clients
|
| [4] | Connect to SSH server with any common user. |
|
# ssh [username@(hostname or IP address)] [rocky@node01 ~]$ ssh rocky@dlp.srv.world The authenticity of host 'dlp.srv.world (10.0.0.30)' can't be established. ECDSA key fingerprint is SHA256:iVDlXmzyyPSgv7PKcoQlmDq94heCOwJaflOEMI+juMA. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes Warning: Permanently added 'dlp.srv.world,10.0.0.30' (ECDSA) to the list of known hosts. rocky@dlp.srv.world's password: Activate the web console with: systemctl enable --now cockpit.socket [rocky@dlp ~]$ # logined |
| [5] | It's possbile to execute commands on remote Host with SSH like follows. |
|
# for example, run [cat /etc/passwd] [rocky@node01 ~]$ ssh rocky@dlp.srv.world "cat /etc/passwd" rocky@dlp.srv.world's password: root:x:0:0:root:/root:/bin/bash bin:x:1:1:bin:/bin:/sbin/nologin daemon:x:2:2:daemon:/sbin:/sbin/nologin adm:x:3:4:adm:/var/adm:/sbin/nologin ..... ..... sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin tcpdump:x:72:72::/:/sbin/nologin rocky:x:1000:1000::/home/rocky:/bin/bash |
|
SSH Client : Windows #1
|
|
Configure SSH Client for Windows.
|
|
| [6] |
Download a SSH Client software for Windows.
Install and start Putty, then Input your server's Hostname or IP address on [Host name] field and Click [Open] button to connect.
On this example, it uses Putty (www.chiark.greenend.org.uk/~sgtatham/putty/). |
|
| [7] | After successing authentication, it's possible to login and operate Rocky Linux server from remote computer. |
|
|
SSH Client : Windows #2
|
| [8] | If you are using Windows 10 version 1803 or later, OpenSSH Client has been implemented as a Windows feature, so it's possible to use [ssh] command on PowerShell or Command Prompt without Putty or other 3rd party SSH softwares. |
|
Matched Content