
How to enable password based ssh authentication in ec2 instance

 



EC2 Linux SSH Authentication.

By default, key-based authentication is the preferred way of accessing any EC2 Linux instance.
In this blog post, we will see
  • How to enable basic authentication, that is, password-based authentication, on an EC2 instance.
  • How to enable root login to an EC2 instance.
I will keep updating the post as per my learnings and use in practical scenarios.

Let's go through it :)

How to enable root login on linux ec2 instance.
  • Log in to the ec2 linux instance using its private key.
  • Sudo to root
  • change password for root
  • Permit root login in sshd_config file

Syntax

[ec2-user@ip-10-0-1-116 ~]$ sudo su

Change the root password with the command below.


[root@ip-10-0-1-116 ec2-user]# passwd root

Permit root login by un-commenting the below line in sshd_config


[root@ip-10-0-1-116 ec2-user]# vi /etc/ssh/sshd_config

From


# PermitRootLogin yes

To

PermitRootLogin yes


How to enable password based authentication for ssh user.
  • Log in to the ec2 linux instance using its private key.
  • Sudo to root
  • Enable password authentication in sshd_config file
  • Restart sshd service

Syntax

[ec2-user@ip-10-0-1-116 ~]$ sudo su

Enable password authentication by un-commenting the below line in sshd_config


[root@ip-10-0-1-116 ec2-user]# vi /etc/ssh/sshd_config

From


# PasswordAuthentication yes

To

PasswordAuthentication yes

Restart SSHD service

service sshd restart


Log in and check!

How to allow only SFTP access and no shell access.

 

Requirement :
  • Restricted to SFTP access
  • Disallow all SSH connections coming from the sftp user
Lab setup details
  • Ubuntu 16.04
  • Hostname : cyberkeeda.sftp.com

  • Create a sftp user

Syntax Template

# adduser sftpadmin

  • Create a sftp folder, this folder will be used for sftp user
  • Provide ownership to root and give other users only read and execute rights.

Syntax Template

# mkdir /var/sftpdata
# chown root:root /var/sftpdata
# chmod 755 /var/sftpdata

  • Update SSH server config file with below snippet 

Syntax Template

# vim /etc/ssh/sshd_config

  • Copy paste the below snippet at the bottom of the file and save.

Syntax Template


Match User sftpadmin
    ForceCommand internal-sftp
    PasswordAuthentication yes
    ChrootDirectory /var/sftpdata
    PermitTunnel no
    AllowAgentForwarding no
    AllowTcpForwarding no
    X11Forwarding no

  • Restart SSHD server

Syntax Template

# systemctl restart sshd

  • Check by logging in via both sftp and ssh

Syntax Template

# sftp sftpadmin@cyberkeeda.sftp.com
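
Both procedures above edit sshd_config and restart sshd, and the result depends on how sshd reads the file: the first value it obtains for a keyword is used, and a Match block overrides the global section only for matching logins. The script below is an added example (not code from the original posts) that reports which value applies for a keyword; the function names and the sample config are constructed for illustration, and it assumes whitespace-separated `Keyword value` lines, no Include files, and only the plain `Match User name[,name]` form.

```shell
# Added example: report the value sshd would apply for a keyword.
# Assumptions: "Keyword value" lines, no Include, plain "Match User" only.

effective_sshd_value() {
    # $1 = config file, $2 = keyword, $3 = optional login name
    awk -v want="$2" -v user="$3" '
        BEGIN { want = tolower(want) }
        NF == 0 || $1 ~ /^#/ { next }          # blank line or comment
        tolower($1) == "match" {
            in_match = 1; applies = 0
            if (NF == 3 && tolower($2) == "user" && user != "") {
                n = split($3, names, ",")
                for (i = 1; i <= n; i++) if (names[i] == user) applies = 1
            }
            next
        }
        tolower($1) != want { next }
        # sshd keeps the first value it reads; later duplicates are ignored
        !in_match && gval == ""            { gval = $2 }
        in_match && applies && mval == ""  { mval = $2 }
        END { print (mval != "" ? mval : gval) }
    ' "$1"
}

# Constructed sample: the commented default is still present, an earlier
# "no" precedes the "yes" an admin appended, and the SFTP block follows.
sample_sshd_config() {
    cat <<'EOF'
# PermitRootLogin yes
PermitRootLogin no
PasswordAuthentication no
PermitRootLogin yes
Match User sftpadmin
    ForceCommand internal-sftp
    PasswordAuthentication yes
    ChrootDirectory /var/sftpdata
EOF
}

cfg=$(mktemp)
sample_sshd_config > "$cfg"
for who in "" sftpadmin ec2-user; do
    printf 'user=%-10s PermitRootLogin=%s PasswordAuthentication=%s ForceCommand=%s\n' \
        "${who:-<global>}" \
        "$(effective_sshd_value "$cfg" PermitRootLogin "$who")" \
        "$(effective_sshd_value "$cfg" PasswordAuthentication "$who")" \
        "$(effective_sshd_value "$cfg" ForceCommand "$who")"
done
rm -f "$cfg"
```

On a host with OpenSSH installed, `sshd -T` run as root prints the effective global configuration and is the authoritative check.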


