image Remote Desktop Services Barangay Transactions Management System

How to connect to your CentOS with SSH

August 2, 2017 no comments in Uncategorized

Drop us a line...

Send Message

You recently got that shiny CentOS server up and running. You logged in a couple more times only to find out that it’s got lot’s of failed login attempts.. WTF?!! You’re being brute forced.

One solution is to enable SSH, and only use SSH. Here’s how you do it.

 

Download PuTTY (includes PuTTYgen which we will use later):

https://www.ssh.com/ssh/putty/download

Binary Platform Signature Date
putty-0.70-installer.msi Windows (any) GPG signature 017-07-08
putty-64bit-0.70-installer Windows (64-bit) GPG signature 2017-07-08
  • Install PuTTY
  • Run PuttYgen
  • Change the number of bits as needed (usually 2048 is enough but I prefer 4096)
  • Click on the generate button
  • Put in a key passphrase
  • Save the generated public and private keys

  • Run PuTTY
  • Fill in your host name and click on connect

  • Login like usual as root

First we will need to create the directories for the authorized keys file. Issue the following commands:

  • mkdir ~/.ssh
  • chmod 0700 ~/.ssh
  • touch ~/.ssh/authorized_keys
  • chmod 0644 ~/.ssh/authorized_keys

Install nano (or your favorite editor):

  • yum install nano

Edit the authorized_keys file:

  • nano ~/.ssh/authorized_keys

Copy the generated public key from PuTTYgen

Paste the text into the nano editor:

  • Hit ^X to exit saving changes

From here we can connect now using the SSH keys.

  • Start a new PuTTY Session
  • On the left pane of the PuTTY windows navigate to Connection -> Data
  • Fill in the Auto-login username as ‘root’

  • Then navigate to Connection -> Data -> SSH -> Auth
  • Browse for the the saved private key you did in the first step

  • From here you can save the connection (so you don’t need to do them all over again) and click on connect
  • Now this time it should not ask for your login credentials, instead it will ask for your passphrase from the earlier steps

 

Disable Username-Password Logins

Now that you’re all set, its always a good idea to disable username logins.

  • nano /etc/ssh/sshd_config

Find the elements from the filer and change it to as shown below:

PasswordAuthentication no
UsePAM no
  • ^X to exit and save
  • Then reboot – shutdown -r now

That’s it. Happy SSH!

About joseph
Related Posts
  • All
  • By Author
  • By Category