SSH Server : Password Authentication
2017/07/17 |
Configure SSH Server to login to a server from remote computer.
|
|
[1] | OpenSSH is already installed by default even if you installed Fedora with [Minimal Install], so it's not necessarry to install new packages. You can login with Password Authentication by default, but change some settings for security like follows. |
[root@dlp ~]#
vi /etc/ssh/sshd_config # line 38: change ( prohibit root login remotely ) PermitRootLogin no
# line 64: uncomment PermitEmptyPasswords no PasswordAuthentication yes systemctl restart sshd |
[2] | If Firewalld is running, allow SSH service. SSH uses 22/TCP. |
[root@dlp ~]# firewall-cmd --add-service=ssh --permanent success [root@dlp ~]# firewall-cmd --reload success |
SSH Client : Fedora
|
Configure SSH Client for Fedora.
|
|
[3] | Install SSH Client. |
[root@client ~]# dnf -y install openssh-clients
|
[4] | Connect to SSH server with a common user. |
# ssh [username@(hostname or IP address)] [root@client ~]# ssh fedora@dlp.srv.world The authenticity of host 'dlp.srv.world (127.0.53.53)' can't be established. ECDSA key fingerprint is xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:60:90:d8. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'dlp.srv.world' (ECDSA) to the list of known hosts. fedora@dlp.srv.world's password: # password of the user [fedora@dlp ~]$ # just logined |
[5] | It's possbile to execute commands on remote Host with SSH like follows. |
# for example, run [cat /etc/passwd] [cent@client ~]$ ssh fedora@dlp.srv.world "cat /etc/passwd" fedora@dlp.srv.world's password: root:x:0:0:root:/root:/bin/bash bin:x:1:1:bin:/bin:/sbin/nologin ... ... tcpdump:x:72:72::/:/sbin/nologin fedora:x:1000:1000:fedora:/home/fedora:/bin/bash |
SSH Client : Windows
|
Configure SSH Client on Windows.
|
|
[6] | Get a software which you can login with SSH from Windows clients. This example shows to use Putty. Install and start it and input your server's IP address and Click [Open] button like follows. |
[7] | After successing authentication, it's possible to login like follows. |