LinuxQuestions.org


Kratosaurion7 12-23-2008 05:39 PM

Secure Shell Server - How to? (Fedora 10 )
 
Ok, I got interested in SSH a couple of days ago, but I must admit I'm pretty much a newbie in all that server stuff and networking. It's all magic to me. I was wondering if there were good guides on how to set one up. Currently the only thing I know about it is how to start it:
" service sshd start "

Also, I'm running Linux (Fedora 10, BTW) on a virtual machine and I was wondering: when my server is up, how the hell do people connect to it? The way my VM is set up is to share the Parent's IP, won't it cause a problem? Anyway, thanks to anyone who can find answers to my questions.

(Edit: I'm ready to set it up in Ubuntu if need be)

schneidz 12-23-2008 07:47 PM

to connect to an ssh server:
Code:

ssh <user>@<ip-address>

pretty straightforward. when you tested it yourself, did it cause a conflict with the host-os's address ?

Kratosaurion7 12-23-2008 11:13 PM

Well, I had mixed results, but due to some problem I never could test it fully. My problem lies in the logic of the thing. Here's an example: Here is computer1; computer1 has a virtual machine (linux) that is hosting the server. Both the physical and virtual machines share the same IP address (for some reason I never quite figured out how to get him his own IP). And then I have computer2 who enters the IP of the host to connect to the SSH. But let's say he enters the IP 123.456.789.000, will that get him to the physical machine or the virtual one?

jschiwal 12-24-2008 01:08 AM

You might want to do some reading. The www.tldp.org website has a number of howto's and books. The NAG Guide is very good. You won't have an IP address with octets over 255. If the netmask is 255.255.255.0, then when the last octet is 0, that is the network address.

Look at the manpage for ifconfig or ip. You can configure a virtual NIC device that has a name like eth0:1. This uses the same NIC as eth0 but has a different IP address.

Is there a reason you need to run a virtual machine?

Also read through the ssh, ssh_config and sshd_config manpages. You want to A) generate a key pair on the client B) Use "AllowUsers" if you have a limited number of users who will login. C) Use public key authentication. D) copy your client's public key to the ssh server's authorized_keys file.

If you don't use automated ssh connections in a cron job: D) protect your client's private key with a passphrase. E) Disable root logins.

Look at the commented paragraph above the "UsePam Yes" line for detailed instructions on the config file's options to change for public key authentication.
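
An added example (not part of the post above, and not OpenSSH's own code): a small shell audit that checks an sshd_config for the settings the post lists, namely AllowUsers, public key authentication and disabled root logins. The function names and the sample config are constructed; it reads only the global section and does not follow Include files or evaluate Match blocks.

```shell
#!/bin/sh
# Added example: audit the global section of an sshd_config for AllowUsers,
# PubkeyAuthentication and PermitRootLogin. All names here are constructed.

# Print the effective value of keyword $2 in file $1. sshd keeps the first
# value it sees for a keyword, and keywords are case-insensitive.
sshd_value() {
    awk -v key="$2" '
        /^[ \t]*(#|$)/ { next }                # skip comments and blank lines
        tolower($1) == "match" { exit }        # global section ends here
        tolower($1) == tolower(key) {
            $1 = ""; sub(/^[ \t]+/, ""); print; exit
        }' "$1"
}

# Print one OK/FAIL line per check; return the number of failed checks.
audit_sshd_config() {
    fails=0
    root=$(sshd_value "$1" PermitRootLogin | tr 'A-Z' 'a-z')
    pubkey=$(sshd_value "$1" PubkeyAuthentication | tr 'A-Z' 'a-z')
    users=$(sshd_value "$1" AllowUsers)
    # The PermitRootLogin default differs between OpenSSH versions: require it explicitly.
    if [ "$root" = no ]; then echo "OK   PermitRootLogin no"
    else echo "FAIL PermitRootLogin is '${root:-unset}', want 'no'"; fails=$((fails + 1)); fi
    # PubkeyAuthentication defaults to yes; only an explicit 'no' is a problem.
    if [ "$pubkey" != no ]; then echo "OK   PubkeyAuthentication ${pubkey:-yes (default)}"
    else echo "FAIL PubkeyAuthentication is disabled"; fails=$((fails + 1)); fi
    if [ -n "$users" ]; then echo "OK   AllowUsers $users"
    else echo "FAIL AllowUsers is not set, logins are not limited to named users"; fails=$((fails + 1)); fi
    return "$fails"
}

# Constructed sample: the first PermitRootLogin wins, the commented AllowUsers
# is ignored, and the line inside the Match block is not a global setting.
sample_config() {
    cat <<'EOF'
Port 22
permitrootlogin yes
PermitRootLogin no
#AllowUsers alice
Match User backup
    PubkeyAuthentication no
EOF
}

tmp=$(mktemp) && sample_config > "$tmp"
audit_sshd_config "$tmp" || echo "$? check(s) failed"
rm -f "$tmp"
```

On a live server, `sshd -T` prints the effective configuration as sshd itself computes it, which is the authoritative check once the file has been edited.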

schneidz 12-24-2008 01:23 AM

Quote:

Originally Posted by Kratosaurion7 (Post 3385733)
... will that get him to the physical machine or the virtual one?

i dunno'. try it and post back the results. if it works then you are done. if it doesn't work, post the error message and hopefully someone could help you.

jschiwal 12-24-2008 09:27 PM

You didn't provide many details on what is being used for virtualization. Xen, VMware, QEMU, Parallels, VirtualBox, UML, et al. are some examples. You could be using bridged networking, NAT networking, or Routed networking.

If your virtual machine truly uses the same IP address, you are probably using NAT networking. In that case, the host is configured to forward packets between the guest OSes and may even be configured as a DHCP server for the guests. Just like a NAT Cable router, the host will need to be configured to forward port 22 to your guest VM before you can accept connections from another computer. If your parents machine runs its own ssh service, then you will need to use a different port for ssh and have that port forwarded to your VM.

Another method is bridging. The Host and VMs are connected to a virtual network. One virtual network per physical NIC device. The host acts like a switch.

A third method is routed networking. The host machine is a router to the virtual machines.

