EBC Exercise 16a ssh port number

From eLinux.org
Revision as of 12:26, 22 July 2020 by Yoder (talk | contribs) (Initial info)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

thumb‎ Embedded Linux Class by Mark A. Yoder


If you leave your Beagle on a publicly exposed network (like Rose's) long you'll soon see login attempts from all over the world.

Here you'll learn how to see those attempts and how to change your ssh port number to avoid them.

journalctl

A quick way to see if anyone's been trying to access your Beagle is:

bone$ journalctl | grep ssh
Jul 22 14:17:11 pocket sh[936]: generic-board-startup: ssh
Jul 22 14:17:13 pocket sshd[964]: Server listening on 0.0.0.0 port 22.
Jul 22 14:17:13 pocket sshd[964]: Server listening on :: port 22.
Jul 22 14:24:02 pocket sshd[2328]: Connection closed by authenticating user debian 192.168.7.1 port 47886 [preauth]
Jul 22 14:24:02 pocket sshd[2330]: Accepted publickey for debian from 192.168.7.1 port 47888 ssh2: RSA SHA256:kkATqhiwy+v8EzXzJSV3jSrVEam/L+NF2yl8GFdvOBI
Jul 22 14:24:02 pocket sshd[2330]: pam_unix(sshd:session): session opened for user debian by (uid=0)

Here you see normal activity. I logged in as debian using the publickey that was setup with ssh-copy-id.

Now try logging in as an invalid user. Here I try yoder.

bone$ journalctl | grep ssh
Jul 22 15:38:10 pocket sshd[2507]: Failed password for invalid user yoder from 192.168.7.1 port 47942 ssh2
Jul 22 15:38:16 pocket sshd[2507]: Connection closed by invalid user yoder 192.168.7.1 port 47942 [preauth]

The login is rejected.




thumb‎ Embedded Linux Class by Mark A. Yoder