Sharing Ilmu

Sharing for useful things

Secure Remote Connection Using SSH on Linux CentOS/RedHat

Hello everyone, in this tutorial I’ll explain remote connection to a Linux server. This is usually needed to configure or monitor a server remotely. One option for secure remote access is the SSH service, which encrypts every packet of the remote connection between the server and the remote PC.

The SSH service generally uses the TCP protocol, with port 22 as the default port. We can also change the default port of the SSH service for a more secure connection.

If you haven’t installed the SSH service yet, install it first.

# yum install openssh-server

Enable the SSH service, then make sure sshd is already running.

# systemctl enable --now sshd

# systemctl status sshd

 

Test remote access to your server. If you are using Windows you can use PuTTY, and on Linux you can use the terminal directly.

As shown in the picture above, we have successfully accessed the server remotely. Now we will configure SSH to change its default port. The configuration is in /etc/ssh/sshd_config.

# vim /etc/ssh/sshd_config

Enable (uncomment) the Port line and change the default port from 22 to the port number you want.

 

Still in sshd_config, you can also configure PermitRootLogin so that login as the root user is denied.

When done, save and exit. Then you must tell SELinux that you changed the SSH port on your system.

# semanage port -a -t ssh_port_t -p tcp 8001

After that, check the SELinux port list to make sure SELinux is aware of the port change you made.

# semanage port -l | grep ssh

Restart the sshd service and make sure it runs normally.

# systemctl restart sshd

 

Configure the firewall so that port 8001 is allowed on your system for access from clients.

# firewall-cmd --permanent --add-port=8001/tcp

# firewall-cmd --reload

 

Test the SSH connection to your server.

The SSH connection was successful.

 

If you try to connect using the default port, you will get an error like the image below.

And if you connect on port 8001 but try to log in as the root user, the system must deny the login.
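The script below is an added example, not part of the original tutorial: it checks an sshd_config-style file for the two changes made above (port 8001 instead of 22, root login denied). The function names are hypothetical; it assumes whitespace-separated keyword/value lines, does not follow Include files, and stops at the first Match block.

```shell
#!/bin/sh
# Added example (not from the original post): check an sshd_config-style file
# for the two changes made in this tutorial. Function names are hypothetical.
# Assumes whitespace-separated "Keyword value" lines; Include files are not
# followed and parsing stops at the first Match block.

# Print all global Port values on one line (sshd accepts several Port lines),
# or 22, the default, when none is set.
listen_ports() {
    awk '
        /^[ \t]*#/ { next }                       # comment line
        tolower($1) == "match" { exit }           # conditional section starts
        tolower($1) == "port" && NF >= 2 { out = (out == "" ? "" : out " ") $2 }
        END { print (out == "" ? "22" : out) }
    ' "$1"
}

# Print the first global PermitRootLogin value (sshd uses the first value it
# reads for a keyword), or "unset" when the built-in default applies.
root_login() {
    awk '
        /^[ \t]*#/ { next }
        tolower($1) == "match" { exit }
        tolower($1) == "permitrootlogin" && NF >= 2 { v = $2; exit }
        END { print (v == "" ? "unset" : v) }
    ' "$1"
}

# Return 0 only if WANT_PORT is configured, port 22 is not, and
# PermitRootLogin is explicitly "no". Prints one line per finding.
audit_sshd() {
    file=$1; want=$2; rc=0
    ports=$(listen_ports "$file")
    root=$(root_login "$file")
    case " $ports " in *" $want "*) ;; *) echo "FAIL: port $want not set"; rc=1 ;; esac
    case " $ports " in *" 22 "*) echo "FAIL: port 22 still set"; rc=1 ;; esac
    [ "$root" = "no" ] || { echo "FAIL: PermitRootLogin is $root"; rc=1; }
    [ "$rc" -eq 0 ] && echo "OK: Port $ports, PermitRootLogin $root"
    return "$rc"
}

# Constructed sample: a commented stock line, then the tutorial's settings.
sample=$(mktemp)
printf '%s\n' 'Port 8001' '#PermitRootLogin yes' 'PermitRootLogin no' > "$sample"
audit_sshd "$sample" 8001 || true
rm -f "$sample"
```

On the server itself, `sshd -t` checks the configuration for errors before you restart the service, and `sshd -T` prints the effective settings.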

 
