10 Useful SSH (Secure Shell) Interview Questions and Answers

Download Your Free eBooks NOW - 10 Free Linux eBooks for Administrators

Avishek Kumar

I am a major in computer science, love to research nix. I love to write codes and scripts, review distros, experiment Foss Technologies, write technical articles, Hack, of course Ethically. I am working as System Administrator (nix) for a NGO.

Your name can also be listed here. Work as a Paid freelancer/writer at TecMint.

Download Free Linux eBooks

Advanced Bash-Scripting Guide
Linux Bible
A Newbie's Getting Started Guide to Linux
Ubuntu Linux Toolbox: 1000+ Commands

You may also like...

15 Responses

  1. nandha says:

    /etc/ssh/ssh_config is on client side

  2. raman says:

    Thanks good article regarding SSH questions.

  3. venky sun says:

    Thank you !!!!!!!!!!!!!!!!!!Nice topics and also comment of Roberto C. Sanchez is also very good .

    thanks for sharing info.

  4. kiran varma says:

    Nice article thanks for sharing :)

  5. Nice and very valuable information

  6. Jack says:

    “ssd_config” to alter SSH SERVER configuration on Debian? Really? ?? I stopped reading here.

  7. abilash says:

    Great Info…!
    Thanks a lot Roberto for alternative methods and other useful features of SSH..!
    Cheers..!

  8. Chris says:

    Somebody forgot to proof read this article to the point that it’s factually incorrect.

    Example:

    “Protocol 1 is less secure than protocol 1 and should be disabled in the config file.”

  9. Roberto C. Sanchez says:

    Several notes about your article (I numbered them to correspond to your questions):

    1. The /etc/ssh/ssh_config file is NOT the correct file. That file is for the system-wide ssh client configuration. The daemon is configured by /etc/ssh/sshd_config (as in other distros). Also, it is valid to specify the port directive with any sort of capitalization (e.g., “port” or “PORT” or even “pOrT”), so the grep command should be ‘grep -i port /etc/ssh/sshd_config’. Additionally, that command will only tell you what port has been configured, not what port the running daemon is actually listening on. That is, if the port specification in the configuration is changed but the daemon is not restarted, you will be misled. To see what port the daemon is currently listening on, you can run ‘netstat -nplt |grep sshd’. There is no ‘service’ command on Debian. You can restart ssh by running ‘/etc/init.d/ssh restart’.

    2. Same as with #1, the file in Debian is /etc/ssh/sshd_config. Also, the command ‘nano Port /etc/ssh/ssh_config’ does not make sense.

    3. In a Kerberos environment with a Kerberos-enabled telnet, it can use encryption. Of course, SSH can also take advantage of Kerberos authentication, so it is still likely a better choice these days than even encrypted telnet.

    4. It is also possible to login via SSH without a password when using Kerberos for authentication.

    6. /etc/issue is just the default, you can use any file with the directive ‘Banner /path/to/message’ in sshd_config. This can be used if you need to display different welcome messages to remote users than to local users.

    8. First, it is pointless and unnecessary to ‘cat’ a file only to pipe it into ‘grep’. If the file is very large, it can be unnecessarily slow. You can achieve exactly the same by running ‘grep “Failed password for” /var/log/secure’. Also, there is no /var/log/secure on Debian systems. On a Debian system you would look in /var/log/auth.log. Also, the string “Failed password for” will only show you when someone tries to log in as an authorized user. If the user is not authorized (because you have used the AllowedUsers and/or AllowedGroups), then you should also look for “Invalid user”.

    9. You make no mention of the sftp command.

    10. You left out mention of some very useful features of ssh, including using the -f option to background ssh before executing a command on the remote host, as well as setting up secure tunnels with ssh.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Join Over 62000+ Linux Users
  1. 46679
  2. 2055
  3. 10101

Enter your email to get latest Linux Howto's