Home / server / Questions / 145953
Accepted
Anonymous12345
Asked: 2010-05-28 09:24:54 +0800 CST

ssh (openSSH) questions

  • 772

I have ubuntu 9.10 server.

Firstly, is OpenSSH the same as SSHD?

Secondly, In the terminal when typing whereis sshd i get this:

   whereis sshd
   /usr/sbin/sshd

Also when typing whereis openssh i get this:

  whereis openssh
 /usr/lib/openssh

How do I know if I have openssh?

Also, some tutorials online suggest opening sshd_config, so when typing this:

  whereis sshd_config
  /usr/share/man/man5/sshd_config.5.gz // I get this...

What should I do, because as you have answered my other Q about security, you have pointed out that it is the way you configure your ssh and etc which is important.

Is there any guide for this? How should I configure this?

I will be the only user for this server btw...

If you need more input let me know and I will update this Q.

Thanks

linux ubuntu security ssh

4 Answers

  1. Best Answer

    Firstly, is OpenSSH the same as SSHD?

    Short answer: Yes.

    Long answer: Not really. OpenSSH officially refers to a whole suite of binaries, libraries, etc, that facilitate SSH communication. SSHD referrs specifically to the server process which listens for ssh client connections, controls their access, and grants clients terminal access to the server.

    How do I know if I have openssh?

    If you're running Ubuntu, you have openssh, as that's the default ssh daemon that ubuntu ships with.

    Its sshd_config is located in /etc/ssh/sshd_config. Run $ man sshd_config for a full list of configuration options.

    Is there any guide for this? How should I configure this?

    What specific help are you looking for? Post more details and I'll give you the information you need.

    • 7

  2. Authorized keys are well covered in the ssh man page. Try 'man -k ssh' to get a list of man pages related to ssh. ssh-keygen it the tool to create the keys for you. There is a helper program ssh-copy-id to assist in securely copying the the public key to another system.

    If you want to understand how they work, then look for articles on public key encryption. SSH always uses one key from the server. Authorized keys adds using a key from the client to identify the client. Authorized keys are a copy of the clients key stored in ~/.ssh/authorized_keys. As such they are only valid for the user id for which they are authorized. The man page documents options used to restrict what the key can be used for: program, source IP, port forwarded, etc.

    Authorized keys are a good option if you want to run programs across systems in batch mode. It is a good idea to at least limit the systems which can use a given key. This will make it more difficult to use a stolen key.

    Putty (the ssh client for windows) uses a different storage format for the keys. It will provide the public key in the appropriate format for openssh. This is covered in the putty documentation.

    • 0

  3. SSHD : SSH Daemon that listens at Port 22(default) for SSH connections from other clients

    OpenSSH : a secure OpenSource Implementation of SSH (quite popular over Linux World), normally is the Package used to implement SSH Protocol, it has several binaries supporting the SSH inclusive of this daemon service.

    OpenSSH consists of a number of programs:

    • sshd
    • ssh
    • scp
    • ssh-keygen
    • ssh-agent
    • ssh-add
    • sftp-server
    • sftp
    • ssh-keyscan
    • ssh-keysign
    • 0

  4. The command whereis foo searches for files and folders named 'foo'.

    To find out the exact ssh (or any) program that you are using, use the 'which' command as follows:

    $which foo
    /usr/bin/foo

    • 0