Most Linux users already know the bare basics of using OpenSSH. You use ssh to get a secure shell into a remote system, sftp for Secure FTP, and scp for copying files. All well and good.

But OpenSSH can do quite a bit more than many users realize. Let's take a look at some of the things you can do with OpenSSH and associated tools.

Now I can tunnel my traffic through SSH using a home router with Linux. It was easy to set up and cheap. And I needed a router at home anyway. I have a basic Linux-like system, and the most interesting for me: OpenSSH. Also, it is small, quiet, power effective and reliable.

There are two popular Linux-based firmware projects for routers: OpenWrt and DD-WRT. The first thing you have to do is to pick the one you want. Check supported hardware before you decide.

Ever debugged a program remotely and felt like telling your computer where to go and how to get there? Hopelessly adding calls to printf() and recompiling as a steady string of explectatives flow from your over-caffeinated brain waves.

Fear not! Help is on the way.

Practically all Unix and Linux servers run an SSH service to let administrators connect securely from remote locations. Unfortunately for security administrators, attacks on SSH services are popular today. In this article I'll show you how can you protect machines running SSH services from brute force attacks using the pam_abl plugin for SSH pluggable authentication modules (PAM).

If you want to increase your productivity with SSH, you can try a tool that lets you run commands on more than one remote machine at the same time. Parallel ssh, Cluster SSH, and ClusterIt let you specify commands in a single terminal window and send them to a collection of remote machines where they can be executed.

Why you would need a utility like this when, using openSSH, you can create a file containing your commands and use a bash for loop to run it on a list of remote hosts, one at a time? One advantage of a parallel SSH utility is that commands can be run on several hosts at the same time.

SSHFS is a really nice piece of software, because it just makes your life just a bit easier. It can 'mount' a directory of a remote SSH server and you can use it as a normal directory.

Many computer systems around the world have been possessed by penguins; some have even been possessed by dead rats. In light of this, it is desireable to exorcize these evil spirits, and replace them with a nice, friendly daemon.

I've put together some code for building a FreeBSD disk image which will boot into memory, configure the network, set a root password, and enable SSH. This can be used to "depenguinate" a Linux box, without requiring any access beyond a network connection.

Installing the OpenSSH client and server on Ubuntu is as easy as typing "sudo apt-get install openssh" at a terminal prompt. However, this will install Portable OpenSSH version 4.3p2[-8ubuntu1]. Unfortunately for users, this version of Portable OpenSSH does not include the "Match" functionality added to the SSH server in version 4.4p1, that "allows some configuration options to be selectively overridden if specific criteria (based on user, group, hostname and/or address) are met."

Under normal conditions, when everybody trusts everybody else, YTalk, talk, ntalk, et cetera will work without any problems. Alas, I found the real world a little more difficult and disappointing. It turned out my buddies couldn't reach me because of firewalls. Either their firewall rules would block the UDP connection or my firewall rules would stop it. Then there was the issue of corporate firewalls and even the ISP who sometimes played the big brother by blocking certain ports for the protection of our Windows brethren. Rather than taking the time to reset my firewall to better rules and hoping my buddies could take the same effort for theirs, I opted for another approach: remote logging with SSH and using guest accounts expressly setup for the purpose.

I have to look this up from time to time, usually just after installing a new Linux system intended for use as a test server. There are GUI tools for configuring the firewall, but I usually leave the entire windowing system uninstalled.

By default, many Linux distributions will start up sshd and httpd, but you won’t be able to connect to them over the network, since the ports will be blocked by iptables. The examples below are for Red Hat or CentOS (which is basically Red Hat), and may vary slightly betweenl distributions.