How to install and configure SSH server on Debian Linux?

Installing and testing the SSH Server

You will need to be root to do the following

su

  1. Install SSH Server

    apt install openssh-server
     

  2. Check if the server process exists. This indicates the install went well.

    ps -A | grep sshd

    ទិន្នផល (or similar): 1753 ? 00:00:00 sshd

     

  3. Install SSH Client to check the SSH Server connection

    apt install openssh-client

    Connect to localhost to test connection

    ssh localhost

    Also login with the interface IP address

    Get IP Address

    ip addr

    SSH to the ip address

    ssh {ipaddress here}
     

Securing the SSH Server

It is a good idea to secure the SSH server by disallowing root to login and configuring login only by public key i.e. login using passwords is not allowed

Ensure to execute the following commands as your user and not as root

  1. Navigate to the user home directory

    cd
     

  2. Check if .ssh exists

    ls -a
     

  3. If .ssh does not exist, create it

    mkdir .ssh
     

  4. Set the folder permission to 700

    chmod 700 .ssh
     

  5. Create the authorized_keys file

    touch ./.ssh/authorized_keys
     

  6. Change permission on the authorized_keys file to 600

    chmod 600 ./.ssh/authorized_keys
     

  7. Open the authorized_keys file

    nano ./.ssh/authorized_keys
     

  8. Paste your public key into the file

    You can get your public key from the SSH client. If the client is ប្រព័ន្ធ​ប្រតិបត្តិការ Windows 10 then it will be in the %USERPROFILE%/.ssh/id_rsa.pub file. If the client is ដេបៀន then the public key is ~/.ssh/id_rsa.pub.

    If your public key does not exist, generate it on the client machine

    ssh-keygen -t rsa -C "email@domain.com"
     

  9. Change to root user

    su

  10. Configure your SSH server to accept only public key logins and prevent login for root

    nano /etc/ssh/sshd_config

    Uncomment and/or edit the following lines

    PermitRootLogin no
    StrictModes yes
    PubkeyAuthentication yes
    AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2
    PasswordAuthentication no
     

  11. Restart the sshd service

    service sshd restart
     

  12. Try logging in as root from your SSH client using password

    ssh root@{ssh server ip address}

    ទិន្នផល: Permission denied (publickey).

     

  13. Try logging in as username from your SSH client using password

    ssh username@{ssh server ip address}

    ទិន្នផល: Permission denied (publickey).

     

  14. Try logging in as root from your SSH client using the public key

    ssh root@{ssh server ip address} -i .ssh/id_rsa

    ទិន្នផល: Permission denied (publickey).

     

  15. Log in as username from your SSH client using the public key

    ssh username@{ssh server ip address} -i .ssh/id_rsa
     

If your SSH client has a static IP address then you may want to consider only your IP address can login to the SSH server.

ទុក​ឱ្យ​ឆ្លើយ​តប​មួយ