Admin Guide ( Unix System Administration) Configuring SSH Server As CP+ admin, you can configure SSH Server. To set up SSH Server, log in as admin and select SSH Server in the System Monitor section of the left-side menu. You will have the following options to choose from: • Authentication to set up SSH server authentication; • Networking to set networking options: what addresses to hear, protocols to accept; • Access Control to set network and login access control options; • Miscellaneous Options to set other SSH server options; • Client Host Options to add options for SSH client host • User SSH Key Setup to configure the automatic setup of SSH for new Unix users created on your system. This module allows to configure various options for the SSH server installed on the system, as well as option used when an SSH client makes a connection from your machine to another server. After making any server option changes, make sure to click the Apply Changes button at the bottom of the page for the changes to take effect. Authentication This page is for configuring authentication-related options for your SSH server. To set up authentication options, click the Authentication icon on the SSH Server page. Fill the form that shows by choosing necessary options: Some of the displayed options are : • Allow authentication by password: with this option set to 'Yes', the user will be allowed to enter a password for authentication. • Allow RSA authentication?: SSH can be setup to use RSA keys for authentication instead of the normal username and password used by telnet. If this is set to 'No', users will always need to enter their password. If this is set to 'Yes', users can log into a remote server without having to enter a password each time. • Check permissions on key files?: If set to 'Yes', the SSH server will check each user's .ssh directory and any parent directories to make sure they are not group writable, and the .ssh/identity file to make sure it is not readable by anyone else. If set to No, no checking of file permissions will be done. Click Save to preserve changes. Networking This page allows configuring networking options for the SSH server. To set up networking options, click the Networking icon on the SSH Server page. On the page that shows: Some of the displayed options are: • Disconnect if client has crashed?: If set to Yes, the SSH server will periodically check to see if the client is still alive. If not (because of a network error or client machine crash) it will be disconnected. • Allow TCP forwarding?: If this option is set, users can tunnel TCP connections from client machines to machines on the server's network, and also allow connections back from the server to machines on the client network. Choose other necessary options: addresses and ports to listen on, allowed protocols and etc. Click Save. Access Control To configure it, click the Access Control icon on the SSH Server page. On the page that shows: Fill the form that shows by choosing necessary options: addresses and ports to listen on, allowed protocols and etc. Click Save. Miscellaneous Options This page contains options that don't fit into any of the other categories. This option allows to configure different options it. Click the Miscellaneous Options icon on the SSH Server page and fill the page that shows: Some of the displayed options are: • Allow X11 connection forwarding?: with this option set to 'Yes', users making an SSH login from a Unix machine will be able to run X applications on the server and have the X connection tunnelled back through the SSH connection to their local display. • System log facility: choose the syslog facility that is used to log error and information messages from the SSH server. • Server key regeneration interval: set how often the SSH server re-generated the key used for encrypting connections. If you are cautious about security, set this to a lower number. If necessary, set other options and click Save. Client Host Options This page displays hosts and host patterns for which SSH client options have been defined. By default, defined are the options that apply to all client hosts. If necessary, you can create additional sets of options in order to control how users login to other specific servers. To configure client options for SSH host: 1. Click the Client Host Options icon on the SSH Server page. 2. On the page that shows click Add options for client host, it will open the following page: Some of the displayed options are: • Login as user: if no username is given on the ssh command line, the name of the current user is used to login to the remote SSH server. However, this option can be used to specify a different default username for a particular host or hosts. 3. Escape character: when making an interactive SSH login, the escape character can be used to break out of the connection and close or suspend it. 4. Compress SSH traffic?: With this option enabled, the SSH client will compress all data sent to this host with the gzip algorithm. This can be useful if you are copying large files with scp over a slow link. 5. Local ports to forward to server: here you can enter local port numbers which will be forwarded to some host and port by the SSH server. This can be useful if you access to some machine on some network via SSH login, and you want to access other services like web or POP servers. 6. Server ports to forward to local: in this table you can enter port numbers on the server which will be forwarded to some host and port on the client machine's network. 7. Set other options, if necessary, and click Save. To remove this option, click the Delete button. User SSH Key Setup This page allows to configure the automatic setup of SSH for new Unix users created on your system. If configured, new users will not have to run ssh-keygen before using SSH. To configure it, click the user SSH Key Setup icon on the SSH Server page and choose necessary options on the page that shows: 1. Check Setup SSH key for new Unix users and select either of the below options: • Copy new identify.pub to authorized_keys. 2. Use password as key passphrase. 3. Click Save.
Pages to are hidden for
"Admin Guide ( Unix System Administration ) Configuring SSH"Please download to view full document