Aug 28 2012

How to setup an sftp/ssh server with denyhosts on ubuntu

Category: Linux,tutorialerm @ 2:50 am

Throughout this document I will have <keywords> encapsulated in brackets. Substitute what the keyword is for the appropriate value. For instance <username>@localhost would become erm@localhost, or whatever your username is.

Cliffnotes version commands:

Install open ssh:
$ sudo apt-get install openssh-server

Backup ssh config:
$ sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.`date +%Y-%m-%d`.bak

Edit /etc/ssh/sshd_config:
$ sudo nano /etc/ssh/sshd_config

Enable sftp:
Subsystem sftp /usr/lib/openssh/sftp-server
*save*

Restart ssh:
$ sudo /etc/init.d/ssh restart
OR
$ sudo service ssh restart

Test your server:
$ ssh <username>@localhost

Test your connection:
$ echo $SSH_CLIENT

Log out of ssh:
$ <ctrl+d>
OR
$ exit

Install denyhosts:
$ sudo apt-get install denyhosts

Backup denyhosts config:
$ sudo cp /etc/denyhosts.conf /etc/denyhosts.conf.`date +%Y-%m-%d`.bak

Edit denyhosts config:
$ sudo nano /etc/denyhosts.conf

Edit lines:
BLOCK_SERVICE = ALL
DENY_THRESHOLD_INVALID = 5
DENY_THRESHOLD_RESTRICTED = 1
RESET_ON_SUCCESS = yes
*save*

Restart denyhosts:
$ sudo /etc/init.d/denyhosts restart
OR
$ sudo service denyhosts restart

Get your remote ip:
Visit: ipchicken.com or whatismyip.com

Get your lan/local ip:
$ ifconfig

Login via remote computer from inside lan:
$ ssh <username>@<localip>

Login via remote computer from outside lan:
$ ssh <username>@<remoteip>

Continue reading “How to setup an sftp/ssh server with denyhosts on ubuntu”