SSH Server (Demo)

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
21 hours 25 minutes
Difficulty
Intermediate
CEU/CPE
21
Video Transcription
00:00
>> Hey, Cybrarians. Welcome back to
00:00
the Linux plus course here at Cybrary.
00:00
I'm your instructor Rob Gills,
00:00
and in today's lesson,
00:00
we're going to cover SSH servers and the SSH role.
00:00
Upon completion of today's lesson,
00:00
you're going to understand the importance
00:00
of Secure Shell or SSH,
00:00
we're going to talk about how SSH could be used,
00:00
and then we're going to install and/or
00:00
configure that SSH server role.
00:00
The Secure Shell or SSH is used to
00:00
connect from one server to another
00:00
>> via the command line.
00:00
>> We got to see that a little bit and
00:00
we've used it a few times at this point.
00:00
Now, SSH replaced Telnet,
00:00
which was not secure.
00:00
All data that was sent in
00:00
Telnet was sent via plain text,
00:00
and it also replaced a few other commands,
00:00
notably File Transfer Protocol, FTP,
00:00
was replaced by Secure FTP,
00:00
which is just FTP that is
00:00
tunneled through the SSH protocol.
00:00
Remote Copy, was replaced by SCP, Secure Copy,
00:00
and we got to see how that
00:00
works when we played around with
00:00
doing file transfer in a previous lesson,
00:00
and then Remote Shell,
00:00
RSH, is also replaced by SSH.
00:00
With SSH, you can not only
00:00
just connect to another server,
00:00
you can also tell that other server, hey,
00:00
I'm going to connect to you and run a command on
00:00
you remotely without actually
00:00
having to land on the server.
00:00
Now, remember this, SSH communicates over port 22.
00:00
That's going to be important.
00:00
I am going to venture,
00:00
I guess that it will probably be on the exam.
00:00
Port 22 is a common port, you all need to know this,
00:00
and SSH works by providing encryption around
00:00
the data that gets sent between
00:00
the servers or between a client and a server.
00:00
Let's see how SSH is set up and
00:00
configured with some demo time.
00:00
Here we are over and in our demo environment and today,
00:00
we're going to be working in a Ubuntu.
00:00
The reason is that SSH is
00:00
configured by default on CentOS 8.
00:00
But in order to connect to an Ubuntu server over SSH,
00:00
we need to install open SSH server.
00:00
The way that we can do that is by running
00:00
the command apt,
00:00
install, open SSH-server.
00:00
This is going to go ahead and update things,
00:00
and this is going to provide me with
00:00
a prompt to install this.
00:00
In fact, what we see is it is already installing,
00:00
it's creating an SSH key,
00:00
setting up a cryptographic key
00:00
>> for this tool to be setup.
00:00
>> It's also creating a symlink,
00:00
so this will be included with the multiuser target.
00:00
When the multiuser target works or starts up,
00:00
it will include SSH and
00:00
start loading that surface, as well.
00:00
At this point, what we can do is, we can
00:00
do a system CTL,
00:00
enable SSH, and we see that that has been enabled,
00:00
and now, we can go ahead and make
00:00
sure that this has started.
00:00
We do a system CTL,
00:00
start on SSH, and that's been started, as well.
00:00
Now, we can see that by doing a system CTL status
00:00
on SSH, and there we go.
00:00
It's loaded, it's active, and it's running.
00:00
How else can we test this? Well,
00:00
this server is actually called the Ubuntu 20.
00:00
We can do an SSH to Ubuntu 20 and hit "Yes",
00:00
and now, it's connecting.
00:00
We can now provide my password so
00:00
we can connect to it that way,
00:00
and this should let us in and
00:00
drop us to the shell that were
00:00
already in or it will
00:00
be if we type in the right password.
00:00
Apologies here. Let's just cancel a lot of that.
00:00
Let me get back to my user
00:00
and now, we'll do an SSH here.
00:00
Do SSH to Ubuntu 20,
00:00
and yes, I'll add my password,
00:00
hit "Enter", and now,
00:00
we're at the command line.
00:00
We're at the command line for
00:00
the server that were already on.
00:00
But if we try to connect to the server from like say,
00:00
our CentOS server, we
00:00
won't be able to do this at this point,
00:00
we could do it probably via IP address
00:00
or if we added the IP
00:00
and the name of the server into the ETC host file,
00:00
we can connect to it via host name.
00:00
Now, using DNS in this environment,
00:00
so that's really our only option.
00:00
Now, a couple of things to understand about
00:00
SSH in Linux is
00:00
server acts as both a client and an SSH server,
00:00
and because of this, the configuration for
00:00
SSH is controlled by two different files.
00:00
If you're talking about the client settings,
00:00
those are configured in the file etc, SSH, SSH_config.
00:00
If we look at this file, it's
00:00
going to control information
00:00
about global SSH client settings.
00:00
These are generally not touched and they could be
00:00
overwritten by the user SSH config.
00:00
If you look into a user home directories,
00:00
so say, for instance,
00:00
and we do an ls-al on my home directory,
00:00
on home rob,
00:00
we can see that I have a.SSH file in here.
00:00
If I do a ls on SSH,
00:00
we can see that that has a bunch of files in, as well.
00:00
One file that we could add here is
00:00
a config file and that will override
00:00
the settings that are in the ETC SSH, SSH_config file.
00:00
But when you're talking about a SSH server,
00:00
that configuration is held in ETC, SSH, SSH d_config.
00:00
SSHD for SSH daemon,
00:00
that's the daemon or demon or service that runs SSH.
00:00
Inside of here,
00:00
we can see other things like, for instance,
00:00
we can see the port that setup by default,
00:00
it's set on port 22,
00:00
we could change that by uncommenting
00:00
that line and changing the port.
00:00
We also in general just see ways that we can
00:00
configure the server to allow clients to connect to it.
00:00
Public key authentication, yes,
00:00
we can turn that off, we don't want to do that.
00:00
We can turn off password based
00:00
authentication if we don't want to do that.
00:00
We can set the amount of grace time setup for a login,
00:00
a lot of things in this file, but in general,
00:00
those are the only two things
00:00
that you're going to need to know
00:00
about the SSH configuration files, ETC,
00:00
SSH, SSH_config is for the client,
00:00
where ETC SSH, SSH D_config is for the server.
00:00
With that, we've reached the end of this lesson.
00:00
In this lesson, we covered the importance of SSH.
00:00
We also talked about the uses of SSH and
00:00
the previous applications which it replaced,
00:00
and then we talked about how to install
00:00
or configure the SSH server role.
00:00
Thanks so much for being here and I look
00:00
forward to seeing you in the next lesson.
Up Next