Remotely Administer Your Linux Server

Install SSH server in Ubuntu

sudo apt-get install openssh-server

This will complete the installation.the package will take care of creating the initial RSA and DSA keys you need, as well as providing you with a default SSH config.

Connecting to the server

Now you can connect to the server from other machines using the following command

ssh serveripaddress, or use putty in Windows



Configure SSH

The main configuration file located at /etc/ssh/sshd_config and the default configuration will enables remote root logins and X11 forwarding which is not good for your server security. So now we will disable these two options.

Disable remorte root logins

For this you need to search for the following line in /etc/ssh/sshd_config file

PermitRootLogin yes

and change this to the following one

PermitRootLogin no

Disable X11 forwarding

For this you need to search for the following line in /etc/ssh/sshd config file

X11Forwarding yes

and change this to the following one

X11Forwarding no

After finishing your configuration you need to restart SSH server using the following command

sudo /etc/init.d/ssh restart

X11 Forwarding

If you want to use X11 Forwarding option so that you can connect your remote machine desktop using Xterm if you want to connect the X11 session you need to use the following command

ssh -X serveripaddress

Copy Files Securely using SCP

Another common need is to be able to copy files between servers you are administering. While you could set up FTP on all of the servers, this is a less-than-ideal and potentially insecure solution. SSH includes within it the capability to copy files using the scp command. This has the added benefit of copying the files over a secure channel along with taking advantage of any key-based authentication you might have already set up.

To copy a file to a remote machine use the following command

scp /path/to/file user@remotehost:/path/to/destination

If you need to copy from the remote host to the local host, reverse the above command

scp user@remotehost:/path/to/file /path/to/destination

if you need to copy an entire directory full of files to a remote location, use the -r argument

scp -r /path/to/directory/ user@remotehost:/path/to/destination/

If you are transferring logfiles or other highly compressible files, you might benefit from the -C argument. This turns on compression, which, while it will increase the CPU usage during the copy, should also increase the speed in which the file transfers.

Use the -l argument to limit how much bandwidth is used. Follow -l with the bandwidth you want to use in kilobits per second. So, to transfer a file and limit it to 256 Kbps use the following command

scp -l 256 /path/to/file user@remotehost:/path/to/destination

About Paul Cardelli, CISSP
Cyber Security Analyst, and computer guru

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: