/etc/ssh/sshd_config
file. It is important to understand the settings in the file, however, as failure to properly configure OpenSSH could lead to your system being vulnerable to attack.
/etc/ssh/sshd_config
you will see several settings (and some you will not see) for setting up OpenSSH as a service. Information on all possible choices within the /etc/ssh/sshd_config
can be found by man sshd_config
.
/etc/ssh/sshd_config
choices to address include the following:
yes Enables access with password and public key |
no Disables all direct remote logins as root |
without-password Allows access with public key authentication only |
forced-commands-only Allows access with public key authentication and only runs configured commands from ~/.ssh/authorized_keys (in the form of: allowed-command-name ssh-dsa public-key-string ) |
no
.
aes128-ctr,blowfish-cbc
. The supported ciphers for Protocol 2 are “3des-cbc”, “aes128-cbc”, “aes192-cbc”, “aes256-cbc”, “aes128-ctr”, “aes192-ctr”, “aes256-ctr”, “arcfour128”, “arcfour256”, “arcfour”, “blowfish-cbc”, and “cast128-cbc”.
Important
sshd
service after editing the configuration files before the settings take place.