, ,

Hi friends today i am going to share SSH Server Configuration in Linux. It’s a step by step guide & i have also added some security tips related to SSH Server.

What is SSH?


SSH stands for secure shell.
secure shell means information sent over ssh terminal is totally encrypted. ssh encrypt data before sending it over the network. SSH is basically a network protocol for secure data communication.

SSH in Rhel5, Rhel6

Rhel5/6 use a free version of SSH named as openssh. Openssh uses secure tunneling and some other authentication methods to encrypt data before sending it over insecure network like internet. Unsecured protocol telnet is totally replaced by SSH


Important noteworthy points before configuring SSH server in Rhel5/Rhel6


>sshd (secure shell daemon) service is used by ssh server in rhel5/6.

>On command line we use ssh(secure shell) command to execute various operations.

>SSH use port 22 as its default port

To generate public/private keys we use ssh-keygen utility

We need a SSH server system and a SSH  client system to perform SSH in Rhel5, Rhel6

Today we are going to use yum package management tool to install SSH packages.

If you do not know how to install packages with yum then first read below tutorial==>

Read also: Configure yum server in Linux?


>You have to configure firewall to allow ssh service. If you do not want to use firewall rules then simply flush firewall rules with below command==>


#iptables -F


if you have configured firewall on your Rhel5/Rhel6 then simply allow SSH as shown below


#iptables -A INPUT -p tcp –dport 22 -j ACCEPT


Important commands used in configuring SSh server in Rhel5/Rhel6


#rpm -qa | grep ssh
#yum install openssh*
#service sshd restart
#chkconfig sshd on
#service sshd status
#ssh (ip-address of target pc)
#ssh user@(ip-address of user)


Configuration file of ssh server


To configure SSH server one must know the configuration file of SSH . The configuration file of SSH server is




configuration file of SSH client system is ==> /etc/ssh/ssh_config

< All entries related to SSH configuration should be made under this file>


Step by step tutorial on SSH server configuration on Rhel5/Rhel6.


Step 1


First of all check which packages are required for SSH server configuration.




Step 2


Now install all above packages using yum as shown below


#yum install openssh*



here * indicates that all packages related to openssh will installed .


Step 3


Now restart the SSH service. To make SSH service entry in startup script use chkconfig command and at last to view status of ssh use sshd status command.


ssh in linux


Step 4


First of all note down the ip address of SSH server system.


ssh in linux


Step 5


Now we need to add some users so that we can test our SSH server. So add a user as shown below.

#useradd sam
#passwd sam



So our user sam is created successfully.


Step 6


Now its time to configure SSH  client system.

First of all install all packages related to openssh in linux client system

#yum install openssh*




Here root@shankar is our SSH client system.


Now restart the ssh service and then use chkconfig command to make ssh service permanent entry in startup script.



Now its time to do ssh . First do ssh on sam user of SSH server system.

#ssh sam@ip-address
#ssh sam@



Now we are on user sam , to check status use who am i command.


Step 7


Now from Linux client system try to do ssh on root of SSH server system.

#ssh root@ip-address of server
#ssh root@



So as you see now we are onroot of SSH server system. So we have successfully tested SSH from client system to SSH  server system, it means SSH  is successfully configured on Rhel5/Rhel6


Read also ==>

|| Telnet server configuration in Linux ??

” SSH server security in Rhel5/Rhel6″


How to give banner warning at the time of SSH login?


if you want to warn a unauthorized user to do ssh on your system then you have option to set warning at SSH login. To do it follow below steps.


Step 1

First in SSH  server system we have to edit /etc/issue.net file to set ssh warning. So first give all permissions to this file–>

#chmod     777     /etc/issue.net


Go to /etc/issue.net file using vim editor.

#vim  /etc/issue.net

ssh banner


Step 2


Now press I to insert into the edit mode and write down below lines

warning : do not enter into my PC



now save this file by esc:wq


Step 4


Now go to SSH configuration file and in the last line  you will find a banner line directive.In this line just change the path of banner line as shown below




Step 5


Now save the configuration file and restart the ssh service.

#service  sshd  restart


Step 6


now do ssh from Linux client system to sam user of server system

ssh sam@



Now you will get a warning before SSH login.


How to change SSH port?


As we know default port for SSH is 22 but to make SSH more secure we can change its port to some other value ,for e.g. 3434.


Steps to change SSH port ==>


Step 1


First of all in SSH  server system go to SSH configuration file.

#vim  /etc/ssh/sshd_config


Step 2


Now in SSH configuration file you find following directive ==> #Port 22

First remove the # sign and then change its value from 22 to 3434

Port 3434

ssh port change


Step 3


Now save the file by pressing esc + : + wq and enter


Step 4


Whenever you modified SSH configuration file you have to restart the SSH service. so simply restart the SSH service


#service sshd restart


Step 5


Now go to Linux client system  and do ssh  with default port and modified port.




Now you see client system is unable to login by using default port, but while using modified port it will easily able to login.


How to permit root login on SSH sever?


By default root login is disabled on SSH server .we have to manually turn it on by modifying SSH configuration file

to permit root login simply go to SSH configuration file and uncomment (remove # sign)  from the following directive.

#PermitRootLogin yes (just remove # sign)



now simply save the file and restart the ssh service => 

#service sshd restart


How to enable password authentication for local users?


simply go to SSH configuration file and uncomment the following directive.

#PasswordAuthentication yes



simply remove # sign and save the file and restart the ssh service.

#service sshd restart


How to limit the users to get access to a system via SSH?


It’s a type of added SSH security . By default in SSH configuration file you didn’t find a directive related to this security, so you have to add extra directive to make this


First of all go to SSH configuration file.
Now add an additional directive==>

AllowUsers  sam  peter
AllowUsers  sam@  peter@



now simply save the file and restart the ssh service.


How to restrict or deny a user to get access to a system via SSH ?


To deny a user to do ssh on a system we have to add an additional directive to SSH configuration file.

go to SSH configuration file and add following directive ==>

DenyUsers  sam

ssh deny


Save the file and restart the ssh service ==>

#service sshd restart


Now to test that the sam user access is restricted or not let’s check it ==>


go to linux client system and try to do ssh on sam user.

#ssh sam@ 


now you will see that client system is not able to login to sam user of Linux server system.


so friends today we learned how to install and configure SSH server in Linux and how to implement security in it.


Final thoughts

This is not full tutorial on SSH server. we will post 2nd part of SSH server in upcoming days. hope you like the 1st part of this tutorial. If you have any queries related to SSH server then comment below in the comment section, we feel happy to solve your queries  and do follow us and share this article on Facebook and other social networking sites.