Lab
A Cloud Guru

Managing SSH Settings

In this lab, we will look at how to manage SSH settings on a Linux host. We will change the default listening port of SSH on a Linux host. Then, we'll configure SSH restrictions on the host to only permit SSH from a specific subnet.

Try for free Contact sales

Path Info

Level

Beginner

Duration

30m

Published

Apr 15, 2019

Challenge

Change the default SSH port 22 to port 22000.
1. To change the default port of 22 to 22000 for SSH, we'll need to edit the sshd_config file with the following command:
```
sudo nano /etc/ssh/sshd_config
```
1. Then, we'll need to edit one of the lines:
```
Uncomment "#Port 22" and replace 22 with 22000
```
1. Now, we'll need to restart the SSH service:
```
sudo service sshd restart
```
Challenge

Restrict SSH by Source IP using TCP Wrappers.
1. We will need to edit the hosts.allow and hosts.deny files used by TCP Wrappers. Let's start with the hosts.deny file:
```
sudo nano /etc/hosts.deny
```
  Add the line:
```
sshd : ALL
```
  Then, save and exit the file.
2. Now we need to edit the hosts.allow file:
```
sudo nano /etc/hosts.allow  
```
  Add the following line:
```
sshd : 10.0.0.0/24  
```
  Save and close the file.

Author

A Cloud Guru

The Cloud Content team comprises subject matter experts hyper focused on services offered by the leading cloud vendors (AWS, GCP, and Azure), as well as cloud-related technologies such as Linux and DevOps. The team is thrilled to share their knowledge to help you build modern tech solutions from the ground up, secure and optimize your environments, and so much more!

What's a lab?

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.