Setting up an SSH server on CentOS

SSH allows users to connect to a remote Linux/Unix operating system and work on it as if they were physically in front of it. This lets you work on your code or project from a remote location without having to copy and paste changes from one machine to another.


Setup

By default, SSH is installed on CentOS, but if for some reason it is not, you can install it manually.
Note: all of the following commands require root privileges:

$ su root

The most widely used SSH implementation is OpenSSH. Its server (sshd) is in the openssh-server package, which can be installed using this command:

$ yum install openssh-server

Don't worry if you don't know whether SSH is already installed on your system: the above command will detect that it is installed and ignore the request.


Configuration

To change the SSH settings, open the file /etc/ssh/sshd_config in a text editor. The easiest way to do this is with vim/vi, run as root, since root privileges are required for this operation.

$ vim /etc/ssh/sshd_config

The file contains setting keywords along with their values. First, we need to disable root access. This means that when using SSH to log in to the computer, neither you nor anyone else should be able to log in as root@mycomputer. So edit the following entry (remove the leading # if the line is commented out):

PermitRootLogin no

If only specific users are going to log in over SSH, add AllowUsers followed by their usernames, for example:

AllowUsers alice bob

For security reasons, change the default port from 22 to another port that is not being used by another process (for example, do not use port 80 or 3433). This mainly cuts down on automated login attempts aimed at port 22. To change the default port, edit the following entry:

Port 4322

We are done with the ssh config file, so save and close it.

In the last entry we changed the default port from 22 to 4322. This also requires modifying the operating system firewall to allow access to port 4322. The firewall settings file is located at /etc/sysconfig/iptables, so open it in a text editor.

$ vim /etc/sysconfig/iptables

By default, port 22 is open on the firewall, and the entry in the file that configures this is:

-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT

So change the number 22 to 4322, or to whatever number you picked yourself.

-A INPUT -m state --state NEW -m tcp -p tcp --dport 4322 -j ACCEPT

Now save and close the file.

Since we modified the ssh server and the firewall settings, we need to restart the two services (or daemons).

$ service iptables restart
$ service sshd restart
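
If the Port line in sshd_config and the firewall rule disagree, restarting both services on a remote machine locks you out. The script below is an added example, not part of the original post: it checks the two files for the settings described above. The function names and the sample files it writes are constructed for illustration.

```shell
#!/bin/sh
# Added example: consistency check for the sshd_config and iptables edits.

# Print the value of the first uncommented KEYWORD line (keywords are
# case-insensitive). Only the first Port line is considered here.
sshd_value() {  # usage: sshd_value KEYWORD FILE
    awk -v k="$1" 'tolower($1) == tolower(k) {
        $1 = ""; sub(/^[ \t]+/, ""); print; exit }' "$2"
}

# Succeed if FILE has an INPUT rule accepting TCP destination port PORT.
fw_allows() {  # usage: fw_allows PORT FILE
    grep -Eq -e "^-A INPUT .*--dport $1 .*-j ACCEPT" "$2"
}

check_ssh_setup() {  # usage: check_ssh_setup SSHD_CONFIG IPTABLES_FILE
    rc=0
    port=$(sshd_value Port "$1"); port=${port:-22}   # sshd defaults to 22
    root=$(sshd_value PermitRootLogin "$1")
    [ "$root" = "no" ] ||
        { echo "FAIL: PermitRootLogin is '${root:-unset}', expected 'no'"; rc=1; }
    [ -n "$(sshd_value AllowUsers "$1")" ] ||
        echo "NOTE: no AllowUsers line, logins are not limited to named users"
    [ "$port" != 22 ] || echo "NOTE: sshd still uses the default port 22"
    fw_allows "$port" "$2" ||
        { echo "FAIL: no ACCEPT rule for tcp port $port (risk of lockout)"; rc=1; }
    return $rc
}

# Constructed sample files that mirror the edits made in this post.
write_samples() {  # usage: write_samples DIR
    printf '%s\n' '#Port 22' 'Port 4322' 'PermitRootLogin no' \
        'AllowUsers alice bob' > "$1/sshd_config"
    printf '%s\n' '*filter' \
        '-A INPUT -m state --state NEW -m tcp -p tcp --dport 4322 -j ACCEPT' \
        'COMMIT' > "$1/iptables"
}

if [ $# -eq 2 ]; then          # check the two files given on the command line
    check_ssh_setup "$1" "$2" && echo "OK: settings are consistent"
else                           # no arguments: run on the constructed samples
    d=$(mktemp -d) && write_samples "$d"
    check_ssh_setup "$d/sshd_config" "$d/iptables" && echo "OK (samples)"
    rm -rf "$d"
fi
```

Saved under a name of your choice (check-ssh.sh is used here only as a placeholder), run it as root with /etc/ssh/sshd_config and /etc/sysconfig/iptables as the two arguments before restarting the services. Running sshd -t additionally checks the configuration file's syntax.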

If you have a router installed, read the rest of the steps.


Router Firewall

Your router's firewall is configured to ignore incoming packets, so we need to open the new port 4322 and route all of its traffic to our PC using port forwarding.
First, let's get the IP address of the computer.

$ ifconfig

Usually the first paragraph, the one that starts with eth0, is the NIC you're looking for. The IP should start with 192.168.xxx.xxx; in my case it is 192.168.1.3.

Second, go to your router's admin page and find the port forwarding page. Set the start and end ports to 4322 and the destination IP to the IP we found in the last step; in my case this is 192.168.1.3. The specific steps depend on your router manufacturer.


Other Resources

CentOS Wiki page for SSH: http://wiki.centos.org/HowTos/Network/SecuringSSH
