Red Hat Linux 9 Lab: Exercise 20-1 Configuring SSH Security Options



Playlist: Red Hat Enterprise Linux Administration
https://www.youtube.com/playlist?list=PLIpLw6v7Z1qnIUiJipjgYEHwxF16TZbCN

2023 08 30 02 17 49

Exercise 20-1 Configuring SSH Security Options
In this exercise, the sshd process should be configured on
server1. Use a second server, server2, to test access to server1.
1. Open a root shell on server1, and from there, open the sshd
configuration file /etc/ssh/sshd_config in an editor.
2. Find the Port line, and below that line add the line Port 2022.
This tells the sshd process that it should bind to two different
ports, which ensures that you can still open SSH sessions
even if you have made an error.
3. Add the line AllowUsers student to the SSH configuration
file as well.
4. Save changes to the configuration file and restart sshd, using
systemctl restart sshd. You will see an error message.
5. Type systemctl status -l sshd. You’ll see a “permission
denied” error for sshd trying to bind to port 2022.
6. Type semanage port -a -t ssh_port_t -p tcp 2022 to apply the
correct SELinux label to port 2022.
7. Open the firewall for port 2022 also, using
firewall-cmd --add-port=2022/tcp, followed by
firewall-cmd --add-port=2022/tcp --permanent.
8. Type systemctl status -l sshd again. You’ll see that the sshd
process is now listening on two ports.
9. Try to log in to your SSH server from your other server,
using ssh -p 2022 student@server1. After the user shell has
opened, type su - to get root access.
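
A check for the state this exercise builds, as an added example that is not part of the original lab: it compares the Port lines in sshd_config with the ssh_port_t label list and the firewalld port list, the two things steps 6 and 7 change. The function names and sample inputs are constructed for illustration, and the sample config assumes an active Port 22 line next to Port 2022.

```shell
#!/bin/sh
# Added example: report sshd ports that lack the ssh_port_t SELinux label
# or a firewalld opening. Function names are hypothetical.

# Ports from active Port directives in sshd_config text on stdin.
# Keywords are case-insensitive; with no Port line sshd listens on 22.
sshd_ports() {
    awk 'tolower($1) == "port" { print $2; n++ } END { if (!n) print 22 }'
}

# $1 = sshd_config text, e.g. "$(cat /etc/ssh/sshd_config)"
# $2 = output of: semanage port -l | grep '^ssh_port_t'
# $3 = output of: firewall-cmd --list-ports
# Prints one "PORT: problem" line per finding and returns 1 if there are any.
check_ssh_ports() {
    # "ssh_port_t  tcp  2022, 22" becomes " 2022 22 " (port ranges not handled)
    labelled=" $(printf '%s\n' "$2" | awk '$2 == "tcp" {
        for (i = 3; i <= NF; i++) { gsub(",", "", $i); printf "%s ", $i } }')"
    opened=" $3 "
    rc=0
    for port in $(printf '%s\n' "$1" | sshd_ports); do
        case $labelled in
            *" $port "*) ;;
            *) echo "$port: no ssh_port_t label"; rc=1 ;;
        esac
        # Assumption: 22/tcp is already opened by firewalld's predefined ssh service.
        case "$port:$opened" in
            22:* | *" $port/tcp "*) ;;
            *) echo "$port: not open in firewalld"; rc=1 ;;
        esac
    done
    return $rc
}

# Constructed sample input: the config after step 3, with the label list as it
# looks before step 6 and after step 6.
SAMPLE_CONFIG='#Port 22
Port 22
Port 2022
AllowUsers student'
SAMPLE_LABEL_BEFORE='ssh_port_t                     tcp      22'
SAMPLE_LABEL_AFTER='ssh_port_t                     tcp      2022, 22'

check_ssh_ports "$SAMPLE_CONFIG" "$SAMPLE_LABEL_BEFORE" "" ||
    echo "-> fix the findings above before restarting sshd"
check_ssh_ports "$SAMPLE_CONFIG" "$SAMPLE_LABEL_AFTER" "2022/tcp" &&
    echo "all sshd ports labelled and open"
```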