Managing SSH Settings

In this lab, we will look at how to manage SSH settings on a Linux host. We will change the default listening port of SSH on a Linux host. Then, we’ll configure SSH restrictions on the host to only permit SSH from a specific subnet.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Change the default SSH port 22 to port 22000.

To change the default port of 22 to 22000 for SSH, we’ll need to edit the sshd_config file with the following command:
```
sudo nano /etc/ssh/sshd_config
```

Then, we’ll need to edit one of the lines:

Uncomment "#Port 22" and replace 22 with 22000

Now, we’ll need to restart the SSH service:
```
sudo service sshd restart
```

Restrict SSH by Source IP using TCP Wrappers.

We will need to edit the hosts.allow and hosts.deny files used by TCP Wrappers. Let’s start with the hosts.deny file:
```
sudo nano /etc/hosts.deny
```
Add the line:
```
sshd : ALL
```
Then, save and exit the file.
Now we need to edit the hosts.allow file:
```
sudo nano /etc/hosts.allow  
```
Add the following line:
```
sshd : 10.0.0.0/24  
```
Save and close the file.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Managing SSH Settings

About this Hands-on Lab

Learning Objectives

Additional Resources

What are Hands-on Labs

Newsletter