Victor Kimura
asked on
set up SSH for Putty acces on centos
Hi,
I'm wondering how do I set up SSH so that I can login securely via PUTTY to my home server that's running Centos 5.x.
Much thanks,
Victor
I'm wondering how do I set up SSH so that I can login securely via PUTTY to my home server that's running Centos 5.x.
Much thanks,
Victor
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi small_student,
I'd like to set up all those options. So I don't need to install OpenSSH as bobalob suggested?
I tried to connect via my vista using PUTTY to my home server and it states network error:connection refused. I'm behind a router (Linksys WRV200).
What do I need to open in my router or is there some setting that I need to change on my centos?
Thanks, Victor
I'd like to set up all those options. So I don't need to install OpenSSH as bobalob suggested?
I tried to connect via my vista using PUTTY to my home server and it states network error:connection refused. I'm behind a router (Linksys WRV200).
What do I need to open in my router or is there some setting that I need to change on my centos?
Thanks, Victor
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
[root@seokingdomheaven vkimura]# service iptables stop
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: filter nat [ OK ]
Unloading iptables modules: [ OK ]
[root@seokingdomheaven vkimura]# setenforce 0
[root@seokingdomheaven vkimura]# chkconfig iptables off
[root@seokingdomheaven vkimura]# service sshd status
openssh-daemon (pid 2808) is running...
[root@seokingdomheaven vkimura]#
I still get that same error.I'm thinking that I had to update my dns recently via dyndns. It shouldn't take long to propogate, right?
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: filter nat [ OK ]
Unloading iptables modules: [ OK ]
[root@seokingdomheaven vkimura]# setenforce 0
[root@seokingdomheaven vkimura]# chkconfig iptables off
[root@seokingdomheaven vkimura]# service sshd status
openssh-daemon (pid 2808) is running...
[root@seokingdomheaven vkimura]#
I still get that same error.I'm thinking that I had to update my dns recently via dyndns. It shouldn't take long to propogate, right?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I put my ip address in there.
ASKER
oddly enough I can't get my httpd to start. Are you sure that I shouldn't be opening something on the router?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
No I just tried using putty from my windows vista. It's on the same lan. I assume that isn't the problem (being on the same lan - that is).
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
when I telnet 192.168.1.106 22 on my vista I get:
SSH-2.0-OpenSSH_4.3
so it looks like it's working.
SSH-2.0-OpenSSH_4.3
so it looks like it's working.
Yup that means that it is working. Ok then when you use putty what do your get, post a screen shot of the error please
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
That seems to work with 192.168.1.106.
I tried logging in with my username vkimura and the password that I login to the computer but it's denying me to get in.
That other ip was obtained by searching for what's my ip on the WAN.
I tried logging in with my username vkimura and the password that I login to the computer but it's denying me to get in.
That other ip was obtained by searching for what's my ip on the WAN.
ASKER
Oh, I had to use root as the username.
But I want someone from outside my lan to putty into my machine.
But I want someone from outside my lan to putty into my machine.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Do i set that up in port forwarding or port triggering or both on my router. I get those two mixed up. I know the router has NAT. Is there a way to confirm this is working:
publicIPOfRouter:Port22--- >192.168.1 .106:22
publicIPOfRouter:Port22---
ASKER
Can you please show me how to:
If you are looking for fine tunning your configuration then there are many things you can do
1- Prevent root logins and login with a normal user then su - to become root
2- Change the port you connect to SSH
3- Disable passwrods and create key based authintication
4- Allow only certain users to have access to SSH
Much thanks. I really appreciate your help. =)
If you are looking for fine tunning your configuration then there are many things you can do
1- Prevent root logins and login with a normal user then su - to become root
2- Change the port you connect to SSH
3- Disable passwrods and create key based authintication
4- Allow only certain users to have access to SSH
Much thanks. I really appreciate your help. =)
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
http://www.centos.org/docs/5/html/Deployment_Guide-en-US/s1-openssh-server-config.html
http://wiki.centos.org/HowTos/Network/SecuringSSH
You basically just need to install OpenSSH and generate some certificates. If you want to log in without requiring a password you can setup the authorized_keys file in a folder called .ssh in the users home directory. For Windows use the PuTTY agent Pageant, and on *nix you can share the public key easily enough.