Install and configure the SSH Server on the Ubuntu Server

In yesterday's article, I recorded the process of building a small Ubuntu Server. I believe that if you follow what I wrote, your Ubuntu Server will be ready to run. However, this system is only a basic system and cannot be considered as a server, because nothing can be done. If you want it to perform the server's functions, you also need to install some software for it.
 
Because the servers I need will eventually be "abandoned" in a certain corner of the LAB. A remote management tool must be installed for both later setup and maintenance. In Linux, openssh is the best choice. Installing openssh in Ubuntu is really a simple task. The following content is only a pure record, and I will prepare a copy for this cainiao. If you are a master, you can bypass it directly.
 
Preparations before installation
Ubuntu is easy to use because it inherits the debian apt system. We believe that you have learned this in the system installation tutorial yesterday. However, apt depends on the network. The system we installed yesterday cannot be connected to the network for the time being. We need to set it up first.
 
First, activate the NIC of the server. The command is as follows:
 
Sudo nano/etc/network/interfaces
 
Add the following content to interfaces:
 
Auto eth0
Iface eth0 inet static
Address 202.113.235.181
Netmask 255.255.255.0
In gateway 202.113.235.1, the IP address marked in italic is set on our server. You need to modify it according to your actual situation. Of course, if your server uses DHCP to allocate IP addresses, you only need to write iface eth0 inet dhcp. You do not need to set address/netmask/gateway.
 
Then, modify resolv. conf to configure the DNS server:
 
Sudo nano/etc/resolv. conf
 
Add your DNS server address:
 
Nameserver 202.113.16.10
After nameserver 202.113.16.11 is complete, restart the networking service:
 
Sudo/etc/init. d/networking restart
 
In this way, the network can be connected. If you are using ADSL, you may need to install pppoe and other things. Considering that the server rarely uses such a configuration, we will not discuss it here. If you need it, you can find it online.
 
Install and set OpenSSH Server
Installing OpenSSH Server in Ubuntu is very easy. Only one command is required:
 
Sudo apt-get install openssh-server
 
Later, Ubuntu automatically downloads and installs openssh server, and resolves all dependencies. After completing this operation, you can find another computer and then use an SSH client (PuTTy is strongly recommended) to enter the IP address of your server. If everything is normal, you can connect later. You can log on with the existing user name and password.
 
In fact, if you have no special requirements, you can install OpenSSH Server here. However, further setting can shorten the OpenSSH logon time and improve security. All of this is implemented by modifying the openssh configuration file sshd_config.
 
First, you may find that it takes a long time to prompt you to enter the password after entering the user name. In fact, this is because sshd needs to reverse query the dns information of the client. We can disable this feature to greatly increase the logon speed. First, open the sshd_config file:
 
Sudo nano/etc/ssh/sshd_config
 
Find the GSSAPI options section and comment out the following two lines:
 
# GSSAPIAuthentication yes
# GSSAPIDelegateCredentials no and restart the ssh service:
 
Sudo/etc/init. d/ssh restart
 
Try again. It should be very fast.
 
Use PuTTy to log on to the server through certificate authentication
In the SSH service, all content is encrypted and secure. However, if you can use the Certificate for authentication, the security will be further improved, and after some settings, you can also achieve the effect of automatic login for certificate authentication.
 
First, modify the sshd_config file to enable the certificate authentication option:
 
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile % h/. ssh/authorized_keys after modification, restart the ssh service.
 
Next, we need to create a private key and a public key for the SSH user. First, you need to log on to the account that requires key establishment. Here, you must exit the root user. If necessary, use the su command to switch to another user. Then run:
 
Ssh-keygen
 
Here, we can store the generated key in the default directory. The passphrase will be prompted During the creation process, which is equivalent to adding a password to the certificate, which is also a measure to improve security, so even if the certificate is accidentally copied away, It is not afraid. Of course, if this field is left blank, PuTTy will automatically log on to the system after passing the certificate authentication.
 
The ssh-keygen command generates two keys. First, we need to rename the public key to the server:
 
Cd ~ /. Ssh
Mv id_rsa.pub authorized_keys, copy the private key id_rsa from the server, and delete the id_rsa file on the server.
 
The settings on the server are complete. The following steps need to be done on the client computer. First, we need to convert the id_rsa file to the format supported by PuTTy. Here we need to use the PuTTyGEN tool:
 
Click the Load button on the PuTTyGen interface, select the id_rsa file, enter passphrase (if any), and then click Save PrivateKey. The private key accepted by PuTTy is ready.
 
Open PuTTy, enter the Server IP address in the Session, click the Browse button under Connection-> SSH-> Auth, and select the generated private key. Return to the Connection option and enter the User Name of the certificate in Auto-login username. Return to the Session tab and enter a name to Save the Session. Click Open at the bottom to log on to the server through certificate authentication. If passphrase exists, passphrase is required during the logon process. Otherwise, it is very convenient to log on directly to the server.
 
Now, I will write this article today, and then gradually write the installation and settings of AMP, Proftpd, and Squid.
 
Link to the original article **: Click ** install and configure the SSH Server on the Ubuntu Server