1. What is SSH?
A) SSH (Secure Shell) is a cryptographic network protocol used to securely access and manage remote systems over an unsecured network.
It encrypts all communication between client and server.
2. What is the default port of SSH and can it be changed?
A) Default SSH port is 22. Yes, it can be changed in /etc/ssh/sshd_config using the Port directive.
Example:
Port 2222
3. What is the difference between SSH, Telnet, and RSH?
A)
- SSH → Encrypted, secure communication.
- Telnet → Plaintext, insecure.
- RSH → Older remote shell, insecure.
4. What are the main authentication methods supported by SSH?
A)
- Password authentication
- Public key authentication
- Keyboard-interactive authentication
- Host-based authentication
5. How do you generate SSH keys?
A) Using ssh-keygen:
ssh-keygen -t rsa -b 4096 -C "user@example.com"
6. How do you copy an SSH public key to a remote server?
A)
ssh-copy-id user@remote_host
7. What is the difference between SSH1 and SSH2?
A)
- SSH1: Old, less secure.
- SSH2: Current standard, stronger encryption, integrity checking, more secure.
8. How do you disable password authentication and allow only key-based login?
A)
- Edit /etc/ssh/sshd_config and set:
- PasswordAuthentication no
- PubkeyAuthentication yes
- Then restart SSH service.
9. What are sshd_config and ssh_config?
A)
- sshd_config → Server-side SSH daemon configuration file.
- ssh_config → Client-side SSH configuration file.
10. How do you restrict SSH access to specific users or groups?
A) In /etc/ssh/sshd_config:
AllowUsers user1 user2
AllowGroups sshusers
11. How do you check active SSH connections?
A)
who
w
ss -tnpa | grep ssh
12. How do you secure SSH?
A)
- Use key-based authentication
- Change default port from 22
- Disable root login (PermitRootLogin no)
- Restrict users/groups
- Enable fail2ban or intrusion prevention
- Use firewalls to restrict access
Real-Time SSH Troubleshooting Scenarios
Scenario 1: SSH Connection Timeout
Problem: When trying to connect ssh user@server, it just hangs or times out.
Possible Causes & Fix:
Firewall blocking port 22 → telnet server 22 or nc -zv server 22
SSH service not running → systemctl status sshd
Wrong IP/hostname → check /etc/hosts or DNS resolution.
Scenario 2: Permission Denied (publickey,password)
Problem: User gets Permission denied error.
Possible Causes & Fix:
Wrong username → ensure correct login user.
Key not copied to ~/.ssh/authorized_keys on server.
Permissions incorrect →
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys
Scenario 3: SSH Works with Password but Not with Key
Problem: Password login works, but key-based login fails.
Possible Causes & Fix:
PasswordAuthentication yes but PubkeyAuthentication disabled in /etc/ssh/sshd_config.
Wrong public key format (extra spaces/line breaks).
SELinux blocking → check with restorecon -Rv ~/.ssh.
Scenario 4: Root Login Denied
Problem: ssh root@server says access denied.
Fix: Check /etc/ssh/sshd_config:
PermitRootLogin yes
Scenario 5: SSH Works from One Server but Not Another
Problem: You can SSH from server A → B, but not from server C → B.
Fix:
Firewall rules blocking C.
Host keys mismatch in ~/.ssh/known_hosts. Try:
ssh-keygen -R serverB
Scenario 6: “WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!”
Problem: Server’s host key has changed.
Fix: Remove old entry:
ssh-keygen -R server_ip
Then reconnect.
Scenario 7: Slow SSH Login
Problem: SSH login takes 30+ seconds.
Causes:
DNS reverse lookup issue.
GSSAPI authentication delay.
Fix: In /etc/ssh/sshd_config:
UseDNS no
GSSAPIAuthentication no
Scenario 8: Too Many Authentication Failures
Problem: ssh fails after trying many keys.
Fix: Specify the correct key manually:
ssh -i ~/.ssh/id_rsa user@server
Or limit keys in ~/.ssh/config.
Scenario 9: SSH Port Changed
Problem: Admin changed SSH port to 2222.
Fix:
ssh -p 2222 user@server
Scenario 10: Idle Session Disconnects
Problem: SSH disconnects after being idle.
Fix:
Client side:
echo "ServerAliveInterval 60" >> ~/.ssh/config
Server side:
ClientAliveInterval 60
ClientAliveCountMax 3