OpenSSH on CentOS

How often do we have to access a machine to perform the most diverse operations? With the SSH protocol everything is very simple and practical.
Today I will teach you how to install OpenSSH on CentOS 7.

OpenSSH is a set of tools that allows us to remotely manage machines using the SSH protocol. Unlike other tools such as Telnet, RCP, rlogin, and FTP, OpenSSH ensures that communications between machines is secure because it uses encryption to encrypt all traffic (including passwords).

OpenSSH is a free version of the SSH implementation. For those who do not know, SSH — Secure Socket Shell is a protocol that allows you to securely access and manage Linux and other machines remotely.

For this tutorial, I will assume that CentOS 7 is installed and you have a static IP on centOS machine.

If you don’t have CentOS installed, you can follow this tutorial.

For setting a static IP you can follow this one.

We will have these three steps:

1. Update Centos 7 & Install OpenSSH
2. Set Firewall Exception for SSH
3. Test with multiple platforms:)

Update centOS & Install OpenSSH

To do this, we will use the command-line package-management that comes with centOS, yum. Simply follow the following commands (you need to execute the commands as root):

# yum update -y && yum install -y openssh openssh-server

After the installation, to verify that everything is working correctly run:

$ systemctl status sshd

In my case the service is active and running, as shown in the image.
If, for some reason the service did not initialize properly, we can initialize it with:

# chkconfig sshd on  
     
         OR
# service sshd start

If you have Firewall enabled, you need to configure its exception:

# firewall-cmd --add-service ssh
# firewall-cmd --reload

Test on Windows

Now we have everything ready to make the first access!
If you are using Windows, you will need an external program: Putty.

Where it says Hostame or IP Adress, you just enter the server’s Local IP, the default port of SSH (22) and click Open.

The following message will appear.

In this case, Putty is asking you to verify that the server you’re logging into is who it says it is. This is due to the possibility that someone could be eavesdropping on your connection, posing as the server you are trying to log into. You need some “out of band” method of comparing the key fingerprint presented to Putty with the fingerprint of the public key on the server you wish to log into.

ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key.pub

The key fingerprints should match; click “Yes” to accept the warning and cache this host key in the registry. You won’t receive further warnings unless the key presented to Putty changes for some reason; typically, this should only happen if you reinstall the remote server’s operating system. If you should receive this warning again from a system you already have the host key cached on, you should not trust the connection and investigate matters further.

Once you’ve accepted the host key, you’ll be presented with a session window similar to the following:

You should login with your credentials and that’s it. We are connected via SSH on the server.

Test on macOS or Linux

On Apple (MacOS) or Linux systems, you can access via Terminal using the following command:

$ ssh user@localIP

You will be prompted to a message about authenticity. Write Yes and hit Enter.

That’s it. We are connected via SSH on the server!

Hope you enjoyed this tutorial.

In the next ones, I’ll be connected via SSH to the centOS machine to be easier.