Configuring the OpenSSH server on Linux
How to configuring the OpenSSH Server on Linux.
About this task
To configure the OpenSSH Server, follow these steps on each Tivoli® Netcool® Performance Manager system where SFTP is to be used:
Procedure
- Log in to the system as
root. -
Change your working directory to the location where the OpenSSH Server was installed (
/etc/sshby default) using the following command:# cd /etc/ssh - Using the text editor of your choice, open the
sshd_configfile. This is an example of asshd_configfile:#*************************************************************************** # sshd_config # This is the sshd server system-wide configuration file. See sshd(8) # for more information. # The strategy used for options in the default sshd_config shipped with # OpenSSH is to specify options with their default value where # possible, but leave them commented. Uncommented options change a # default value. Port 22 Protocol 2 ListenAddress 0.0.0.0 HostKey /etc/ssh/ssh_host_rsa_key SyslogFacility AUTH LogLevel INFO PubkeyAuthentication yes AuthorizedKeysFile .ssh/authorized_keys RhostsAuthentication no RhostsRSAAuthentication no HostbasedAuthentication no PasswordAuthentication yes ChallengeResponseAuthentication no Subsystem sftp /usr/libexec/openssh/sftp-server #**************************************************************** - Locate the
Protocolparameter. For security purposes, it is recommended that this parameter is set toProtcol 2as follows:Protocol 2 - Locate the
HostKeys for protocol version 2parameter and ensure that it is set as follows:HostKey /etc/ssh/ssh_host_rsa_key - Locate the
PubkeyAuthenticationparameter and ensure that it is set as follows:PubkeyAuthentication yes - Locate the
PasswordAuthenticationparameter and ensure that it is set as follows:PasswordAuthentication yes - Locate the
Subsystemparameter and ensure that the SFTP subsystem and path are correct. Using defaults, theSubsystemparameter appears as follows:Subsystem sftp /usr/libexec/openssh/sftp-server