Solved

set up SSH for Putty access on centos

Posted on 2010-11-10
Last Modified: 2012-05-10
Hi,

I'm wondering how do I set up SSH so that I can login securely via PUTTY to my home server that's running Centos 5.x.

Much thanks,
Victor
Question by:Victor Kimura
23 Comments
 
LVL 3

Expert Comment

by:bobalob
ID: 34101952
Please see the following links...

http://www.centos.org/docs/5/html/Deployment_Guide-en-US/s1-openssh-server-config.html

http://wiki.centos.org/HowTos/Network/SecuringSSH

You basically just need to install OpenSSH and generate some certificates. If you want to log in without requiring a password you can set up the authorized_keys file in a folder called .ssh in the user's home directory. For Windows use the PuTTY agent Pageant, and on *nix you can share the public key easily enough.
0
 
LVL 14

Accepted Solution

by:
Monis Monther earned 1800 total points
ID: 34101959
It comes ready for you out of the box. Simply start PuTTY, put in the IP address and click Open.
0
 
LVL 14

Assisted Solution

by:Monis Monther
Monis Monther earned 1800 total points
ID: 34101998
If you are looking to fine-tune your configuration then there are many things you can do

1- Prevent root logins and login with a normal user then su - to become root
2- Change the port you connect to SSH
3- Disable passwords and create key based authentication
4- Allow only certain users to have access to SSH

Let me know what you want exactly and I will guide you through
0
 

Author Comment

by:Victor Kimura
ID: 34102597
Hi small_student,

I'd like to set up all those options. So I don't need to install OpenSSH as bobalob suggested?

I tried to connect via my vista using PUTTY to my home server and it states network error:connection refused. I'm behind a router (Linksys WRV200).

What do I need to open in my router or is there some setting that I need to change on my centos?

Thanks, Victor

0
 
LVL 14

Assisted Solution

by:Monis Monther
Monis Monther earned 1800 total points
ID: 34102736
I think there is nothing you need to do on your router. You need to disable the firewall in Linux and also disable SELinux

From the Linux command line, as user root, issue the following commands

service iptables stop
setenforce 0
chkconfig iptables off

Now make sure that the SSH service is up and running

service sshd status

It should give you running

Now after this, please confirm that you could at least connect to SSH. After that we would consider applying the security measures we mentioned.
0
 

Author Comment

by:Victor Kimura
ID: 34102879
[root@seokingdomheaven vkimura]# service iptables stop
Flushing firewall rules:                                   [  OK  ]
Setting chains to policy ACCEPT: filter nat                [  OK  ]
Unloading iptables modules:                                [  OK  ]
[root@seokingdomheaven vkimura]# setenforce 0
[root@seokingdomheaven vkimura]# chkconfig iptables off
[root@seokingdomheaven vkimura]# service sshd status
openssh-daemon (pid  2808) is running...
[root@seokingdomheaven vkimura]#

I still get that same error. I'm thinking that I had to update my dns recently via dyndns. It shouldn't take long to propagate, right?
0
 
LVL 14

Assisted Solution

by:Monis Monther
Monis Monther earned 1800 total points
ID: 34102909
OK, simply use the IP address in PuTTY instead of the hostname.

In PuTTY's "Host Name (or IP address)" field put the IP of your server, and the port should be 22.

0
 

Author Comment

by:Victor Kimura
ID: 34103005
I put my ip address in there.
0
 

Author Comment

by:Victor Kimura
ID: 34103019
oddly enough I can't get my httpd to start. Are you sure that I shouldn't be opening something on the router?
0
 
LVL 14

Assisted Solution

by:Monis Monther
Monis Monther earned 1800 total points
ID: 34103064
Well, if you are going through any sort of firewall then you should have port 22 open for SSH. That's all you need to connect to SSH.
0
 
LVL 14

Assisted Solution

by:Deepak Kosaraju
Deepak Kosaraju earned 200 total points
ID: 34103076
As long as you didn't add specific restrictions on your router, you need not touch the settings on your router. HTTP is another problem. First, are you able to SSH to the machine using PuTTY? Make sure SSH works first, then we can help you with HTTP.
0
 

Author Comment

by:Victor Kimura
ID: 34103123
No I just tried using putty from my windows vista. It's on the same lan. I assume that isn't the problem (being on the same lan - that is).
0
 
LVL 14

Assisted Solution

by:Monis Monther
Monis Monther earned 1800 total points
ID: 34103276
Your Vista and CentOS are on the same LAN
Your SSH service is up and running
IPtables is disabled on CentOS

You still cant connect.

Does your Vista have any sort of firewall, McAfee, Symantec, Kaspersky agent, ZoneAlarm, anti-malware, anything of this type? Please disable them.

You can test with the following

telnet 192.168.0.5 22

I am assuming that your CentOS ip is 192.168.0.5, post the output that you get please
0
 

Author Comment

by:Victor Kimura
ID: 34103345
when I telnet 192.168.1.106 22 on my vista I get:
SSH-2.0-OpenSSH_4.3

so it looks like it's working.

0
 
LVL 14

Expert Comment

by:Monis Monther
ID: 34103371
Yup, that means that it is working. OK then, when you use PuTTY what do you get? Post a screenshot of the error please.
0
 
LVL 14

Assisted Solution

by:Monis Monther
Monis Monther earned 1800 total points
ID: 34103510
Why does it show 24.84.77.119 on the title of the PuTTY window? Shouldn't it be 192.168.1.106?

put the IP 192.168.1.106 in putty and connect.

Please make sure that no software on your windows is preventing this from working.
0
 

Author Comment

by:Victor Kimura
ID: 34103539
That seems to work with 192.168.1.106.

I tried logging in with my username vkimura and the password that I login to the computer but it's denying me to get in.

That other ip was obtained by searching for what's my ip on the WAN.
0
 

Author Comment

by:Victor Kimura
ID: 34103554
Oh, I had to use root as the username.

But I want someone from outside my lan to putty into my machine.
0
 
LVL 14

Assisted Solution

by:Monis Monther
Monis Monther earned 1800 total points
ID: 34103638
Ok sounds good now, SSH is confirmed to be working.

Now you cannot do the following

Vista --> Internet -->CentOS

Because both Vista and CentOS are on the same private network. That is why you cannot use the public IP from inside your private LAN to connect to SSH.

Now, for someone to connect to your CentOS, your router must allow NAT to your server's private address, that is

publicIPOfRouter:Port22--->192.168.1.106:22

Hope  this helps
0
 

Author Comment

by:Victor Kimura
ID: 34103772
Do I set that up in port forwarding or port triggering or both on my router? I get those two mixed up. I know the router has NAT. Is there a way to confirm this is working:
publicIPOfRouter:Port22--->192.168.1.106:22



0
 

Author Comment

by:Victor Kimura
ID: 34104032
Can you please show me how to:
If you are looking to fine-tune your configuration then there are many things you can do

1- Prevent root logins and login with a normal user then su - to become root
2- Change the port you connect to SSH
3- Disable passwords and create key based authentication
4- Allow only certain users to have access to SSH

Much thanks. I really appreciate your help. =)
0
 
LVL 14

Assisted Solution

by:Monis Monther
Monis Monther earned 1800 total points
ID: 34106238
All these configurations you do from the SSH configuration file

edit the file /etc/ssh/sshd_config

1- Prevent root logins and login with a normal user then su - to become root
change

PermitRootLogin yes

to

PermitRootLogin no

2- Change the port you connect to SSH

change

Port 22

to

Port 3451

Note: In this case you must access ssh using this port and allow this port through your firewall, and in putty you change port from 22 to this number

3- Disable passwords and create key based authentication

This is a multi-step procedure; you will find it explained clearly in this link

http://www.debian-administration.org/articles/530

4- Allow only certain users to have access to SSH

change

AllowUsers

to

AllowUsers username1 username2

Note: After each time you configure something in SSH you must reload the service

service sshd reload

Hope this helps
0
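The four sshd_config steps in the answer above, turned into a check you can run before `service sshd reload`. This is an added example, not part of the thread: the function names and the sample files are constructed here, and `PasswordAuthentication` is the sshd_config keyword assumed for step 3, which the answer covers only by link.

```shell
#!/bin/sh
# Added example, not from the thread: audit the global section of an sshd_config
# for the four steps above. Assumes "Keyword value" lines (no "Keyword=value").

# Print every uncommented value of keyword $2 in file $1, one per line.
all_values() {
    awk -v want="$2" '
        /^[ \t]*#/ || NF == 0 { next }     # commented-out or blank line
        tolower($1) == "match" { exit }    # global section ends at first Match
        tolower($1) == tolower(want) { $1 = ""; sub(/^[ \t]+/, ""); print }
    ' "$1"
}

# sshd keeps the FIRST value of a single-valued keyword; later duplicates are ignored.
first_value() { all_values "$1" "$2" | head -n 1; }

# Print one line per deviation; print nothing when all four steps are in place.
audit_sshd_config() {
    v=$(first_value "$1" PermitRootLogin)
    [ "$v" = "no" ] || echo "PermitRootLogin: '${v:-unset}' (root can log in directly)"
    ports=$(all_values "$1" Port)          # Port lines accumulate, so check them all
    if [ -z "$ports" ] || printf '%s\n' "$ports" | grep -qx 22; then
        echo "Port: sshd still listens on 22"
    fi
    v=$(first_value "$1" PasswordAuthentication)
    [ "$v" = "no" ] || echo "PasswordAuthentication: '${v:-unset}' (passwords accepted)"
    [ -n "$(all_values "$1" AllowUsers)" ] || echo "AllowUsers: unset (any account may log in)"
    return 0
}

# Constructed sample files: "weak" appends fixes BELOW existing lines, which
# sshd ignores for PermitRootLogin and PasswordAuthentication.
write_samples() {
    printf '%s\n' 'Port 22' 'PermitRootLogin yes' '#AllowUsers' \
        'PasswordAuthentication yes' 'PermitRootLogin no' \
        'PasswordAuthentication no' > "$1/weak"
    printf '%s\n' 'Port 3451' 'PermitRootLogin no' 'PasswordAuthentication no' \
        'AllowUsers username1 username2' > "$1/hardened"
}

dir=$(mktemp -d)
write_samples "$dir"
echo "== weak ==";     audit_sshd_config "$dir/weak"
echo "== hardened =="; audit_sshd_config "$dir/hardened"
rm -rf "$dir"
```

Keep an existing session open while reloading and confirm a key-based login as one of the `AllowUsers` accounts from a second PuTTY window, so a mistake in the file does not lock you out.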
