how to install ssh in centos 8

admin3 April 2024Last Update :

Understanding SSH and Its Importance in CentOS 8

Secure Shell (SSH) is an essential protocol for managing servers and networks securely. It provides a secure channel over an unsecured network, enabling users to log into another computer over a network, execute commands in a remote machine, and move files from one machine to another. SSH encrypts the session, making the connection safe from eavesdropping, connection hijacking, and other attacks. In CentOS 8, installing and configuring SSH is a straightforward process that enhances the security of system administration.

Prerequisites for Installing SSH on CentOS 8

Before proceeding with the installation of SSH on CentOS 8, ensure that you have:

  • A machine running CentOS 8.
  • Sudo or root privileges to execute administrative commands.
  • Access to a terminal or command line interface.
  • An active internet connection to download necessary packages.

Step-by-Step Guide to Install OpenSSH Server

Updating System Packages

Firstly, it’s always good practice to update your system packages to the latest versions. This can be done by executing the following command:

sudo dnf update -y

Installing OpenSSH Server

CentOS 8 comes with the OpenSSH server software pre-installed. However, if it’s not installed for some reason, you can install it using the following command:

sudo dnf install openssh-server -y

After installation, start the SSH service with:

sudo systemctl start sshd.service

Enabling OpenSSH Service at Boot

To ensure the SSH service starts automatically upon system boot, enable it using the systemctl command:

sudo systemctl enable sshd.service

Configuring the Firewall for SSH

If you have firewalld running, you’ll need to allow SSH traffic through the firewall:

sudo firewall-cmd --permanent --add-service=ssh
sudo firewall-cmd --reload

Verifying SSH Service Status

You can check the status of the SSH service to confirm it’s running properly:

sudo systemctl status sshd.service

Securing SSH on CentOS 8

Changing the Default SSH Port

Changing the default SSH port (22) to a non-standard port can help reduce the risk of automated attacks:

sudo nano /etc/ssh/sshd_config

Find the line that says #Port 22, remove the #, and change 22 to your desired port number. Save and exit the file, then restart the SSH service:

sudo systemctl restart sshd.service

Disabling Root Login

Preventing the root user from logging in via SSH adds an extra layer of security:

sudo nano /etc/ssh/sshd_config

Find the line that says #PermitRootLogin yes, change it to PermitRootLogin no, save and exit the file, and restart the SSH service.

Using Public Key Authentication

Public key authentication is more secure than password authentication. To set it up, generate a key pair on the client machine and copy the public key to the CentOS server:

ssh-keygen
ssh-copy-id user@your_centos_server_ip

Then, disable password authentication on the server by editing the sshd_config file and setting PasswordAuthentication no.

Troubleshooting Common SSH Installation Issues

Dealing with Failed Service Start

If the SSH service fails to start, check for syntax errors in the configuration file or conflicting services on the same port.

Resolving Firewall Blockage

Ensure that the correct port is allowed through the firewall and that there are no IP-based restrictions preventing access.

FAQ Section

How do I know if SSH is installed on my CentOS 8?

Run rpm -q openssh-server to check if the package is installed.

Can I use a custom port for SSH?

Yes, you can specify a custom port in the /etc/ssh/sshd_config file.

What should I do if I’m locked out of my server after changing SSH settings?

Always keep a backup of the original configuration and maintain console access to revert changes if necessary.

Is it necessary to restart the SSH service after making configuration changes?

Yes, for changes to take effect, you must restart the service with sudo systemctl restart sshd.service.

How can I further secure my SSH server?

Consider using fail2ban to protect against brute-force attacks, regularly updating your system, and using SSH keys instead of passwords.

Conclusion

Installing and securing SSH on CentOS 8 is a critical step in managing your server’s security. By following this guide, you can ensure that your SSH service is not only installed but also configured with best practices in mind. Regular maintenance and vigilance will keep your connections secure and your data protected.

Leave a Comment

Your email address will not be published. Required fields are marked *


Comments Rules :

Breaking News