+3 votes
446 views
How to install OpenSSH Linux client and server

in Linux / Unix by (552k points)
reopened | 446 views

1 Answer

+4 votes
Best answer

1. Install OpenSSH client on Linux
2. Install OpenSSH server on Linux

One of the most used connection methods for its security and compatibility levels is the SSH connection . This guarantees us a secure connection for data transfer. In order to improve connectivity and performance levels through SSH, we have a resource called OpenSSH through which the entire connectivity process will be managed in a much clearer and more concrete way. Through this tutorial we will see how to install OpenSSH on Linux to have better options when it comes to protecting the transfer of information ..

What is OpenSSH?
OpenSSH has been developed to act as a connectivity tool through remote login using the SSH protocol. When OpenSSH is implemented, all traffic is encrypted in order to eliminate potential hazards such as connection hijacking, unauthorized access and other attacks. In addition to this, OpenSSH offers a set of secure tunnel capabilities, multiple authentication methods and various configuration options so that we have the opportunity to make better use of it.
OpenSSH tools
The OpenSSH suite consists of the following tools:
  • Remote operations which are done using ssh, scp and sftp.
  • Key management through ssh-add, ssh-keysign, ssh-keyscan and ssh-keygen.
  • The service side is composed of sshd, sftp-server and ssh-agent.
OpenSSH features
Within the different OpenSSH features we find:
  • Open source project with free license.
  • OpenSSH is available under a BSD license.
  • Various crypto options such as AES, ChaCha20, RSA, ECDSA, Ed25519 and more.
  • Forwarding X11 which allows the encryption of X Windows remote traffic, thus preventing attackers from accessing remote xterms or inserting malicious commands.
  • Port forwarding which allows the forwarding of TCP / IP connections to a remote machine through an encrypted channel.
  • Better levels of authentication which protect against various security failures.
  • SFTP client and server support.
OpenSSH news
The recently released version of OpenSSH is 7.9 which comes with a series of new features and new features such as:
  • It is now allowed to specify most of the port numbers through getservbyname service names.
  • The IdentityAgent configuration directive may accept environment variable names.
  • Supports signaling sessions through the SSH protocol.
  • It is compatible with "ssh -Q sig" to list the supported signature options.
  • Supports key revocation lists (KRL) to revoke the keys specified by the SHA256 hash.

Next, we will see how to install OpenSSH on Linux.

Previous requirements
For OpenSSH to work in the correct way we must have the following:
  • C compiler
  • Zlib 1.1.4 or 1.2.1.2 or higher
  • LibreSSL or OpenSSL> = 1.0.1 <1.1.0

1. Install OpenSSH client on Linux

Step 1

Before starting we will check the version of SSH installed with the following command:
 ssh -V 
image
Step 2

Now we are going to install the dependencies which are the development tools or essential elements of compilation, as well as other necessary packages, for this we execute one of the following commands:
CentOS / RHEL 7/6
 sudo yum group install 'Development Tools' sudo yum install zlib-devel openssl-devel 
Fedora
 sudo dnf group install 'Development Tools' sudo dnf install zlib-devel openssl-devel 
Debian / Ubuntu
 sudo apt update 
image
Step 3

There we enter the letter S to confirm the download and installation of OpenSSH.
 sudo apt install build-essential zlib1g-dev libssl-dev 
image

2. Install OpenSSH server on Linux

Step 1

Now we are going to create an environment to install the OpenSSH version 7.9 server, for this it will be necessary to create a new user and system group called "sshd", then secure it with chroot, we execute the following lines:
 sudo mkdir / var / lib / sshd sudo chmod -R 700 / var / lib / sshd / sudo chown -R root: sys / var / lib / sshd / sudo useradd -r -U -d / var / lib / sshd / -c "sshd privsep" -s / bin / false sshd 
image
Step 2

The parameters used are:
Create User
Useradd is instructed to create a system user
 -r 
Create group
The creation of a group with the same name and group ID is indicated.
 -OR 
Indicate Directory
The user directory is specified
 -d 
add comment
It is used to add a comment.
 -c 
Indicate shell
The user's shell is specified.
 -s 
Step 3

Once this is done, we will download the latest version of OpenSSH by running the following line:
 wget -c https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-7.9p1.tar.gz 
image
Step 4

We proceed to decompress the downloaded file and access the new directory:
 tar -xzf openssh-7.9p1.tar.gz cd openssh-7.9p1 / 
image
Step 5

The next step is to build and install the OpenSSH server through the options "--with-md5-passwords, --with-privsep-path and --sysconfdir", which will install all the files in the / usr / local directory / which is the default PREFIX installation. To see all the available options we will execute “./configure -h” and from there it will be possible to customize the installation as necessary:
 ./configure -h 
image
Step 6

If we want to enable PAM and SELinux support, we will add the –with-pam and –with-selinux options like this:
 ./configure --with-md5-passwords --with-pam --with-selinux --with-privsep-path = / var / lib / sshd / --sysconfdir = / etc / ssh make sudo make install 
image
Step 7

Finally, we can verify that we have the latest version of OpenSSH by running:
 ssh -V 
image
Step 8

The OpenSSH configuration files are in the following paths:
User settings
User-specific ssh client configurations (alias ssh) and keys are stored in this directory.
 ~ / .ssh / * 
System wide configuration
Refers to the ssh client configurations of the entire system.
 / etc / ssh / ssh_config 
Sshd service configuration
The sshd service configurations are hosted there.
 / etc / ssh / sshd_confi 

We can see how OpenSSH is a practical alternative to manage and have better options when using SSH..


by (3.5m points)
edited

Related questions

+4 votes
1 answer
asked Aug 31, 2020 in Linux / Unix by backtothefuture (552k points) | 946 views
+5 votes
1 answer
+5 votes
1 answer
+5 votes
1 answer
+5 votes
1 answer
Sponsored articles cost $40 per post. You can contact us via Feedback

Most popular questions within the last 30 days

10,659 questions
10,791 answers
510 comments
3 users