20120910

OpenSSH quick review

http://www.openssh.org/




OpenSSH stands for open source secure shell. It is a set of computer programs providing encrypted communication sessions over a computer network using the SSH protocol. OpenSSH was created by the OpenBSD team. Its development is funded via donations. The last five versions of OpenSSH are:


·         OpenSSH 6.1: August 29, 2012
·         OpenSSH 6.0: April 22, 2012
·         OpenSSH 5.9: September 6, 2011
·         OpenSSH 5.8: February 4, 2011
·         OpenSSH 5.7: January 24, 2011


OpenSSH's principle:
OpenSSH provides a server daemon and client tools to facilitate secure, encrypted remote control and file transfer operations.
The OpenSSH server component, sshd, listens for client connections from any of the client tools. When a connection request occurs, sshd sets up the correct connection depending on the type of client tool connecting. For example, if the remote computer is connecting with the ssh client application, the OpenSSH server sets up a remote control session after authentication. If a remote user connects to an OpenSSH server with scp, the OpenSSH server daemon initiates a secure copy of files between the server and client after authentication. OpenSSH can use many authentication methods, including password and public key.



Figure 1 Principle of OpenSSH

Installation:
Installation of the OpenSSH client and server applications is simple. To install the OpenSSH client applications on an Ubuntu system, the following command is used at a terminal prompt:
sudo apt-get install openssh-client

To install the OpenSSH server application the following command is used at a terminal prompt:


sudo apt-get install openssh-server

Configuration:

Once OpenSSH has been installed, it can be configured by editing the sshd configuration file, located at /etc/ssh/sshd_config. The following are examples of configuration directives you may change:
·         To set OpenSSH to listen on TCP port 2222 instead of the default TCP port 22, change the Port directive as such:
Port 2222
·         To have sshd allow public key-based login credentials, simply add or modify the line: PubkeyAuthentication yes

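Keep a copy of the original configuration file and protect it from writing:
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.original
sudo chmod a-w /etc/ssh/sshd_config.original

To put the changes into effect, restart the sshd server using the following command at a terminal prompt: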
sudo /etc/init.d/ssh restart
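
An added example (not from the original post or the OpenSSH project): sshd uses the first value it reads for each keyword, so a directive appended below an existing one has no effect. The hypothetical helpers set_directive and effective_value below apply the Port and PubkeyAuthentication changes to a constructed sample file with that rule in mind; they assume whitespace-separated "Keyword value" lines.

```sh
#!/bin/sh
# Added example: edit sshd_config-style files safely. sshd uses the FIRST
# value it reads for a keyword, so appending "Port 2222" below an existing
# "Port 22" changes nothing. Function names here are hypothetical helpers.

# effective_value FILE KEYWORD -> first uncommented global value (before any Match)
effective_value() {
    awk -v key="$2" '
        tolower($1) == "match"      { exit }
        tolower($1) == tolower(key) { print $2; exit }
    ' "$1"
}

# set_directive FILE KEYWORD VALUE -> replace the first global occurrence,
# drop later global duplicates, or insert before the first Match block / at EOF.
set_directive() {
    tmp=$(mktemp) || return 1
    awk -v key="$2" -v value="$3" '
        tolower($1) == "match" && !in_match {
            if (!done) { print key " " value; done = 1 }
            in_match = 1
        }
        !in_match && tolower($1) == tolower(key) {
            if (!done) { print key " " value; done = 1 }
            next
        }
        { print }
        END { if (!done) print key " " value }
    ' "$1" > "$tmp" && cat "$tmp" > "$1"   # cat keeps the file's owner and mode
    status=$?
    rm -f "$tmp"
    return $status
}

# Constructed sample input, not a real host's configuration.
demo() {
    cfg=$(mktemp) || return 1
    printf '%s\n' '#Port 22' 'port 22' 'PasswordAuthentication yes' \
        'Match User backup' '    PubkeyAuthentication no' > "$cfg"
    cp "$cfg" "$cfg.original" && chmod a-w "$cfg.original"  # backup, as on the page
    set_directive "$cfg" Port 2222
    set_directive "$cfg" PubkeyAuthentication yes
    echo "Port=$(effective_value "$cfg" Port)" \
         "PubkeyAuthentication=$(effective_value "$cfg" PubkeyAuthentication)"
    rm -f "$cfg" "$cfg.original"
}
demo
# On a real host, check syntax with "sudo sshd -t" before restarting the service.
```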


Conclusion


OpenSSH encrypts communications between hosts over an insecure network, and it’s great for logging into and executing commands remotely. It’s also useful for port forwarding, which allows us to securely tunnel arbitrary TCP connections, and for secure file transfers using the SFTP protocol.


find more details about OpenSSH