Enabling remote access to Debian 7.5 with OpenSSH

I prefer to use my desktop workstation instead of sitting in front of the server; by installing the OpenSSH server I can continue using my workstation to setup the server.

Installing OpenSSH server

We install the OpenSSH server by executing the following command in a “root” shell.

apt-get install openssh-server

Configuring OpenSSH server

The configuration of OpenSSH server is stored in the /etc/ssh/sshd_config file.

Port

Port 22

By default, the OpenSSH server is listening on port 22 for connections. By adding additional Port entry combinations, additional ports are specified that the OpenSSH server is listening on.

ListenAddress

#ListenAddress 0.0.0.0

By default, the OpenSSH server socket binds on all IP addresses of the network interface. By specifying an IP address, the OpenSSH server is limited to only bind on that specific address.

ListenAddress 192.168.100.10

From the example above, the OpenSSH server will only bind to the primary IP address of the network interface, as defined in our previous article.

LoginGraceTime

LoginGraceTime 120

By default, the OpenSSH server disconnects after this period if the user has not successfully logged in. If the value is 0, there is no time limit. The default is 120 (seconds).

PermitRootLogin

PermitRootLogin yes

By default, the OpenSSH server allows that the “root” user to log in using ssh.

PermitEmptyPasswords

PermitEmptyPasswords no

By default, the OpenSSH server will not allow for the authentication to accounts with empty passwords.

Advertisements

Setting up your own development server in Debian

In this series of articles, we will be setting up a new development environment under Debian 7.5. This will include a base server operating system, GUI Desktop Environment, Network Time Server, DNS server, Mail server, Database server and Web server. We will also be hosting our own Version Control System with integration into a Project Management and Issue and Time Tracking solution. We will also require our own Certificate Authority to request and sign digital certificates to use on our internal network and web server.

Operating System and Desktop Environment

As stated above, we will be making use of Debian 7.5 for our server operating system and either log in remotely to a shell over SSH or directly via a Desktop Environment.

Our Desktop Environment will be LXDE, due to the fact that it is designed to work well with computers on the lower end of the performance spectrum – in my case, I am running my Debian server on a Pentium IV 1.7GHz with 512MB of RAM and 2 drives of 40GB and 160GB each – the latter being used as my data drive and the former to host the operating system. We’ll also be installing Gnome and KDE as well, which are both very common Desktop Environments.

Network Time

For us to be able to broadcast Coordinated Universal Time on our internal network, we will be using NTP.

DNS Server

For us to be able to host domains on our internal network, we will be using Bind.

Mail Server

For us to be able to send and receive email messages on our internal network, we will be using Exim 4 with ClamAV, SpamAssassin and Greylistd enabled.

Data storage

For us to be able to provide data storage for our applications, we will be making use of

  • Relational databases;
  • In-memory object caching; and
  • NoSQL databases.

Relational database

MySQL Server 5.5 will provide our relational database back-end and we will be administering it through a web front-end making use of phpMyAdmin.

Object-caching

Memcached will provide our object-caching back-end and we will be administering it through a web front-end making use of phpMemcachedAdmin.

NoSQL database

MongoDB will provide our NoSQL database back-end and we will be administering it through a web front-end making use of RockMongo.

Web Server

The web front-ends will be hosted on Apache 2.2, with virtual hosts configured for each specific web front-end and SSL certificates securing the communication between the web front-ends and clients.

Java Application Server

Tomcat will provide our Java Application Server functionality.

Zend Framework

Zend Framework 2 is an open source framework for developing web applications and services using PHP 5.3+. Apigility provides the functionality to implement a WebAPI on top of the Zend Framework.

Version Control System

For us to provide our own version control system, we will be using Subversion and Mercurial and also enable access to it over the HTTPS protocol.

Project Management and Issue and Time Tracking

For us to provide our project management solution, we will be using Redmine and configure access to both Subversion and Mercurial as well as enable access to it over the HTTPS protocol.


The articles will be published in the order below and as these become available, I will update the list with the appropriate links.

At the end of this series, we will have a comprehensive development server for internal use. A note on this, we are setting up the server behind an existing firewall making use of the 192.168.100.x range of IP addresses.