Took up the activity of trying out SSH today. what is it? I am sure you have heard of telnet. We know it as a remote login client. Similarly there is another called rlogin. SSH is a very secure implementation of telnet or rlogin using encryption. Hence, very unsurprisingly, SSH is Secure Shell.
The two guinea pigs involved were my HP Pavilion dv6000 laptop running Ubuntu 11.04 (the latest one!) and an assembled desktop PC running Windows XP.
On the XP machine I downloaded the putty software package. On the website you will find a zip folder that carries all the Putty client variants like Putty, PSCP, Pageant,Puttygen. I downloaded the same. On the Ubuntu machine, i installed the OpenSSH server using the following command:
sudo apt-get install openssh-server
Command output:
Reading package lists... Done
Building dependency tree
Reading state information... Done
Suggested packages:
rssh molly-guard openssh-blacklist openssh-blacklist-extra
The following NEW packages will be installed:
openssh-server
0 upgraded, 1 newly installed, 0 to remove and 43 not upgraded.
Need to get 0 B/311 kB of archives.
After this operation, 840 kB of additional disk space will be used.
Preconfiguring packages ...
Selecting previously deselected package openssh-server.
(Reading database ... 130586 files and directories currently installed.)
Unpacking openssh-server (from .../openssh-server_1%3a5.8p1-1ubuntu3_i386.deb) ...
Processing triggers for ureadahead ...
Processing triggers for ufw ...
Processing triggers for man-db ...
Setting up openssh-server (1:5.8p1-1ubuntu3) ...
ssh start/running, process 18521
amit@HP-Pavilion-dv6000:~$ ps -A|grep sshd
18521 ? 00:00:00 sshd
This command not only installs the server application but also executes it. The last line in the command output shows the PID for the sshd server task. You can also confirm the same using:
ps -A|grep sshd
Command output:
18521 ? 00:00:00 sshd (which matches with the earlier mentioned PID)
Next I extracted the Putty archive and executed the Putty.exe application on the XP machine. Putty.exe can serve as an SSH, Telnet and Rlogin client. Entered the IP address of the laptop. Selected SSH as the protocol. Kept the port value to its default of 22. You get a prompt "login as:". So we have to enter the username of the account in ubuntu ("amit" in my case). next you are prompted for the account password. Once you enter that, you are IN. Done. Simplest remote access using SSH complete. To add some level of security, we can change the default port to something other than 22, say 202. The same change has to be done on the Ubuntu side. This helps protect the server from brute force attacks especially if the server is exposed to the Internet.
So, run
sudo vi /etc/ssh/sshd_config
The above command opens the sshd_config file in the vi editor. Go into the Insert mode in vi by pressing 'i'. The first uncommented line in this file is "Port 22". Change that to "Port 202". Press "ESC" and type ":wq" to save the changes. Now run Putty session again maintaining the port as 22. You will get an error "Network error: Connection refused". Change the port to 202 (or value as written in the config file) and run the putty session. You will be prompted for the username and password as you were earlier.
You can also specify the username in the Hostname field itself..i.e. instead of just writing the IP address(eg. 192.168.1.3), we can write username@IPaddress(eg. amit@192.168.1.2). With this, you will only be required to enter the password everytime. This is because, you can save the hostname and port information as a session and use this information again later by selecting the session from the list and clicking on "Load".
Another good practice that helps protect the server from brute-force SSH attacks is disabling the SSH login for root account. This is because in case of a root account,for a hacker, it is one less parameter to be guessed. he only has to crack the password. Assigning non-standard usernames helps in a great way, say SSH users. This can be done by giving a "no" for the PermitRootLogin field in the sshd_config file.
Next post would be on using keys for authentication...a special feature of OpenSSH and putty......
