Install and configure ssh server on centos 7

In this tutorial, I will Install and Configure ssh server on Centos 7. SSH server known as Secure Socket Shell is a network protocol. It provides Admin login to a server from the remote computer.

Install SSH Server on Centos 7

[vagrant@DevopsRoles ~]#yum install -y openssh openssh-server openssh-clients openssl-libs

Configure SSH Server

Password Authentication

You need to create new Account to remote Server. Prohibit root login remotely.

[vagrant@DevopsRoles ~]# vi /etc/ssh/sshd_config
# uncomment and change as below
PermitRootLogin no

Restart SSH server

[vagrant@DevopsRoles ~]# systemctl restart sshd 

If Firewalld is running. Allow SSH port 22/tcp as command below

[vagrant@DevopsRoles ~]# firewall-cmd --add-service=ssh --permanent
[vagrant@DevopsRoles ~]# firewall-cmd --reload

Configure ssh Client for CentOS

Install SSH client

[vagrant@DevopsRoles ~]# yum -y install openssh-clients

Use a common user to connect to SSH Server.

[vagrant@client ~]$ ssh huupv@devopsroles.com 

How to SSH file Transfer from CentOS Client to remote Server

Using SCP (Secure Copy) for SSH file Transfer as example below

# Copy file zimbra.sh on local to remote server devopsroles.com
[vagrant@client ~]$ scp ./zimbra.sh huupv@devopsroles.com

# Copy server.txt on remote server devopsroles.com to the local
[vagrant@client ~]$ scp huupv@devopsroles.com:/home/huupv/server.txt ./server.txt

Example use SFTP ( SSH File Transfer Protocol). The default it enable but if not, you enable it add the line [Subsystem sftp /usr/libexec/openssh/sftp-server] in [/etc/ssh/sshd_config]

[vagrant@client ~]$ sftp huupv@devopsroles.com
# show current directory on remote server
sftp> pwd

# show current directory on local server
sftp> !pwd

# show files in current directory on FTP server
sftp> ls -l

# show files in current directory on local server
sftp> !ls -l

# change directory
sftp> cd public_html

# upload a file to remote server
sftp> put linux.txt devopsroles.txt

# download a file from remote server
sftp> get test.txt

# delete a directory on remote server
sftp> rmdir testdir

# delete a file on remote server
sftp> rm test3.txt

# execute commands with "![command]"
sftp> !cat /etc/passwd

# exit
sftp> quit

SSH Key-Pair Authentication

# create key pair
[vagrant@DevopsRoles ~]$ ssh-keygen -t rsa
[vagrant@DevopsRoles ~]$ mv ~/.ssh/id_rsa.pub ~/.ssh/authorized_keys

# Transfer the secret key created on the Server to a Client
[vagrant@DevopsRoles ~]$ mkdir ~/.ssh 
[vagrant@DevopsRoles ~]$ chmod 700 ~/.ssh

# copy the secret key to local ssh directory
[vagrant@DevopsRoles ~]$ scp huupv@10.0.0.20:/home/huupv/.ssh/id_rsa ~/.ssh/ 
[vagrant@DevopsRoles ~]$ ssh -i ~/.ssh/id_rsa huupv@10.0.0.30 

# it's more secure. Disable PasswordAuthentication is no
[vagrant@DevopsRoles ~]# vi /etc/ssh/sshd_config

PasswordAuthentication no
ChallengeResponseAuthentication no
UsePAM yes

#Restart ssh service
[vagrant@DevopsRoles ~]# systemctl restart sshd 

Updating…

, ,

About HuuPV

My name is Huu. I love technology and especially Devops Skill such as Docker, vagrant, git so forth. I likes open-sources. so I created DevopsRoles.com site to share the knowledge that I have learned. My Job: IT system administrator. Hobbies: summoners war game, gossip.
View all posts by HuuPV →

Leave a Reply

Your email address will not be published. Required fields are marked *

Comment moderation is enabled. Your comment may take some time to appear.

This site uses Akismet to reduce spam. Learn how your comment data is processed.