Link to home
Create AccountLog in
Avatar of Victor Kimura
Victor KimuraFlag for Canada

asked on

set up SSH for Putty acces on centos

Hi,

I'm wondering how do I set up SSH so that I can login securely via PUTTY to my home server that's running Centos 5.x.

Much thanks,
Victor
Avatar of bobalob
bobalob
Flag of United Kingdom of Great Britain and Northern Ireland image

Please see the following links...

http://www.centos.org/docs/5/html/Deployment_Guide-en-US/s1-openssh-server-config.html

http://wiki.centos.org/HowTos/Network/SecuringSSH

You basically just need to install OpenSSH and generate some certificates. If you want to log in without requiring a password you can setup the authorized_keys file in a folder called .ssh in the users home directory. For Windows use the PuTTY agent Pageant, and on *nix you can share the public key easily enough.
ASKER CERTIFIED SOLUTION
Avatar of Monis Monther
Monis Monther
Flag of Iraq image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
SOLUTION
Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
Avatar of Victor Kimura

ASKER

Hi small_student,

I'd like to set up all those options. So I don't need to install OpenSSH as bobalob suggested?

I tried to connect via my vista using PUTTY to my home server and it states network error:connection refused. I'm behind a router (Linksys WRV200).

What do I need to open in my router or is there some setting that I need to change on my centos?

Thanks, Victor

SOLUTION
Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
[root@seokingdomheaven vkimura]# service iptables stop
Flushing firewall rules:                                   [  OK  ]
Setting chains to policy ACCEPT: filter nat                [  OK  ]
Unloading iptables modules:                                [  OK  ]
[root@seokingdomheaven vkimura]# setenforce 0
[root@seokingdomheaven vkimura]# chkconfig iptables off
[root@seokingdomheaven vkimura]# service sshd status
openssh-daemon (pid  2808) is running...
[root@seokingdomheaven vkimura]#

I still get that same error.I'm thinking that I had to update my dns recently via dyndns. It shouldn't take long to propogate, right?
SOLUTION
Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
I put my ip address in there.
oddly enough I can't get my httpd to start. Are you sure that I shouldn't be opening something on the router?
SOLUTION
Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
SOLUTION
Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
No I just tried using putty from my windows vista. It's on the same lan. I assume that isn't the problem (being on the same lan - that is).
SOLUTION
Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
when I telnet 192.168.1.106 22 on my vista I get:
SSH-2.0-OpenSSH_4.3

so it looks like it's working.

Yup that means that it is working. Ok then when you use putty what do your get, post a screen shot of the error please
SOLUTION
Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
That seems to work with 192.168.1.106.

I tried logging in with my username vkimura and the password that I login to the computer but it's denying me to get in.

That other ip was obtained by searching for what's my ip on the WAN.
Oh, I had to use root as the username.

But I want someone from outside my lan to putty into my machine.
SOLUTION
Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
Do i set that up in port forwarding or port triggering or both on my router. I get those two mixed up. I know the router has NAT. Is there a way to confirm this is working:
publicIPOfRouter:Port22--->192.168.1.106:22



Can you please show me how to:
If you are looking for fine tunning your configuration then there are many things you can do

1- Prevent root logins and login with a normal user then su - to become root
2- Change the port you connect to SSH
3- Disable passwrods and create key based authintication
4- Allow only certain users to have access to SSH

Much thanks. I really appreciate your help. =)
SOLUTION
Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.