10 Useful SSH (Secure Shell) Interview Questions and Answers

SSH stands for Secure Shell is a network protocol, used to access remote machine in order to execute command-line network services and other commands over a Network. SSH is Known for its high security, cryptographic behavior and it is most widely used by Network Admins to control remote web servers primarily.

Here in this Interview Questions series article, we are presenting some useful 10 SSH (Secure Shell) Questions and their Answers.

1. SSH is configured on what Port Number, by default? How to change the port of SSH?

Answer : SSH is configured on port 22, by default. We can change or set custom port number for SSH in configuration file.

We can check port number of SSH by running the below one liner script, directly on terminal.

# grep Port /etc/ssh/sshd_config		[On Red Hat based systems]

# grep Port /etc/ssh/ssh_config		        [On Debian based systems]

To change the port of SSH, we need to modify the configuration file of SSH which is located at ‘/etc/ssh/sshd_config‘ or ‘/etc/ssh/ssh_config‘.

# nano /etc/ssh/sshd_config	[On Red Hat based systems]

# nano /etc/ssh/ssh_config		[On Debian based systems]

Searh for the Line.

Port 22

And replace ‘22‘ with any UN-engaged port Number say ‘1080‘. Save the file and restart the SSH service to take the changes into effect.

# service sshd restart					[On Red Hat based systems]

# service ssh restart					[On Debian based systems]

2. As a security implementation, you need to disable root Login on SSH Server, in Linux. What would you suggest?

Answer : The above action can be implemented in the configuration file. We need to change the parameter ‘PermitRootLogin’ to ‘no’ in the configuration file to disable direct root login.

To disable SSH root login, open the configuration file located at ‘/etc/ssh/sshd_config‘ or ‘/etc/ssh/ssh_config‘.

# nano /etc/ssh/sshd_config			[On Red Hat based systems]

# nano Port /etc/ssh/ssh_config			[On Debian based systems]

Change the parameter ‘PermitRootLogin‘ to ‘no‘ and restart the SSH service as show above.

3. SSH or Telnet? Why?

Answer : Both SSH and Telnet are network Protocol. Both the services are used in order to connect and communicate to another machine over Network. SSH uses Port 22 and Telnet uses port 23 by default. Telnet send data in plain text and non-encrypted format everyone can understand whereas SSH sends data in encrypted format. Not to mention SSH is more secure than Telnet and hence SSH is preferred over Telnet.

4. Is it possible to login to SSH server without password? How

Answer : Yes! It is possible to login to a remote SSH server without entering password. We need to use ssh-keygen technology to create public and private keys.

Create ssh-keygen using the command below.

$ ssh-keygen

Copy public keys to remote host using the command below.

$ ssh-copy-id -i /home/USER/.ssh/id_rsa.pub REMOTE-SERVER

Note: Replace USER with user name and REMOTE-SERVER by remote server address.

The next time we try to login to SSH server, it will allow login without asking password, using the keygen. For more detailed instructions, read how to login remote SSH server without password.

5. How will you allows users and groups to have access to SSH Sever?

Answer : Yes! It is possible to allow users and groups to have access to SSH server.

Here again we need to edit the configuration file of SSH service. Open the configuration file and add users and groups at the bottom as show below and then, restart the service.

AllowUsers Tecmint Tecmint1 Tecmint2
AllowGroups group_1 group_2 group_3

6. How to add welcome/warning message as soon as a user login to SSH Server?

Answer : In order to add a welcome/warning message as soon as a user logged into SSH server, we need to edit file called ‘/etc/issue’ and add message there.

# nano /etc/issue

And add your custom message in this file. See, below a screen grab that shows a custom message as soon as user logged into server.

7. SSH has two protocols? Justify this statement.

Answer : SSH uses two protocols – Protocol 1 and Protocol 2. Protocol 1 is older than protocol 2. Protocol 1 is less secure than protocol 2 and should be disabled in the config file.

Again, we need to open the SSH configuration file and add/edit the lines as shown below.

# protocol 2,1

to

Protocol 2

Save the configuration file and restart the service.

8. Is it possible to trace unauthorized login attempts to SSH Server with date of Intrusion along with their corresponding IP.

Answer : Yes! we can find the failed login attempts in the log file created at location ‘/var/log/secure’. We can make a filter using the grep command as shown below.

# cat /var/log/secure | grep “Failed password for”

Note: The grep command can be tweaked in any other way to produce the same result.

9. Is it possible to copy files over SSH? How?

Answer : Yes! We can copy files over SSH using command SCP, stands for ‘Secure CopY’. SCP copies file using SSH and is very secure in functioning.

A dummy SCP command in action is depicted below:

$ scp text_file_to_be_copied Your_username@Remote_Host_server:/Path/To/Remote/Directory

For more practical examples on how to copy files/folders using scp command, read the 10 SCP Commands to Copy Files/Folders in Linux.

10. Is it possible to pass input to SSH from a local file? If Yes! How?

Answer : Yes! We can pass input to SSH from a local file. We can do this simply as we do in scripting Language. Here is a simple one liner command, which will pass input from local files to SSH.

# ssh username@servername < local_file.txt

SSH is a very hot topic from interview point, of all times. The above questions would have surely added to your knowledge.

That’s all for now. I’ll soon be here with another interesting article. Till then Stay Tuned and connected to Tecmint. Don’t forget to provide us with your valuable feedback in our comment section.

Oh-oh-oh. There is no difference in config file names between RH, Debian, Gentoo and so on. I.e.
==================================================================
root@seafile:~# lsb_release -d
Description: Debian GNU/Linux 8.6 (jessie)
root@seafile:~# ls /etc/ssh/*_config
/etc/ssh/ssh_config /etc/ssh/sshd_config
root@seafile:~# head -n 3 /etc/ssh/ssh_config

# This is the ssh client system-wide configuration file. See
# ssh_config(5) for more information. This file provides defaults for
root@seafile:~# head -n 5 /etc/ssh/sshd_config
# Package generated configuration file
# See the sshd_config(5) manpage for details

# What ports, IPs and protocols we listen for
Port 22
==================================================================
[root@aloe ~]# cat /etc/redhat-release
CentOS release 4.9 (Final)
[root@aloe ~]# ls /etc/ssh/*_config
/etc/ssh/ssh_config /etc/ssh/sshd_config
[root@aloe ~]# head -n 3 /etc/ssh/ssh_config
# $OpenBSD: ssh_config,v 1.19 2003/08/13 08:46:31 markus Exp $

# This is the ssh client system-wide configuration file. See
[root@aloe ~]# head -n 5 /etc/ssh/sshd_config
# $OpenBSD: sshd_config,v 1.69 2004/05/23 23:59:53 dtucker Exp $

# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
==================================================================
isa ~ # cat /etc/gentoo-release
Gentoo Base System release 2.3
isa ~ # ls /etc/ssh/*_config
/etc/ssh/ssh_config /etc/ssh/sshd_config
isa ~ # head -n 3 /etc/ssh/ssh_config
# $OpenBSD: ssh_config,v 1.30 2016/02/20 23:06:23 sobrado Exp $

# This is the ssh client system-wide configuration file. See
isa ~ # head -n 5 /etc/ssh/sshd_config
# $OpenBSD: sshd_config,v 1.99 2016/07/11 03:19:44 tedu Exp $

# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
==================================================================

Ubuntu, Mint, Calculate all of them have two config files ssh_config for ssh client and sshd_config for daemon.
So seriously mistakes… :( Very bad!

43 thoughts on “10 Useful SSH (Secure Shell) Interview Questions and Answers”

Himanshu Sain

December 4, 2019 at 1:10 pm

In Redhat OS, there are 2 files under /etc/ssh i.e sshd_config and ssh_config? What is the difference and what is the use of both files and for what purpose??
- Andrew
  
  July 12, 2020 at 8:41 pm
  
  sshd_config is for daemon – ssh _server_ process working on host you connect to.
  
  ssh_config is used to set up system-wide default settings for ssh command (ssh-client)
mutono geofrey

February 28, 2017 at 10:46 pm

when given three departments how can write policy document for the security system for the bank that ensures integrity authentication in the bank.
Andrew

January 17, 2017 at 11:09 pm

Oh-oh-oh. There is no difference in config file names between RH, Debian, Gentoo and so on. I.e.
==================================================================
root@seafile:~# lsb_release -d
Description: Debian GNU/Linux 8.6 (jessie)
root@seafile:~# ls /etc/ssh/*_config
/etc/ssh/ssh_config /etc/ssh/sshd_config
root@seafile:~# head -n 3 /etc/ssh/ssh_config

# This is the ssh client system-wide configuration file. See
# ssh_config(5) for more information. This file provides defaults for
root@seafile:~# head -n 5 /etc/ssh/sshd_config
# Package generated configuration file
# See the sshd_config(5) manpage for details

# What ports, IPs and protocols we listen for
Port 22
==================================================================
[root@aloe ~]# cat /etc/redhat-release
CentOS release 4.9 (Final)
[root@aloe ~]# ls /etc/ssh/*_config
/etc/ssh/ssh_config /etc/ssh/sshd_config
[root@aloe ~]# head -n 3 /etc/ssh/ssh_config
# $OpenBSD: ssh_config,v 1.19 2003/08/13 08:46:31 markus Exp $

# This is the ssh client system-wide configuration file. See
[root@aloe ~]# head -n 5 /etc/ssh/sshd_config
# $OpenBSD: sshd_config,v 1.69 2004/05/23 23:59:53 dtucker Exp $

# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
==================================================================
isa ~ # cat /etc/gentoo-release
Gentoo Base System release 2.3
isa ~ # ls /etc/ssh/*_config
/etc/ssh/ssh_config /etc/ssh/sshd_config
isa ~ # head -n 3 /etc/ssh/ssh_config
# $OpenBSD: ssh_config,v 1.30 2016/02/20 23:06:23 sobrado Exp $

# This is the ssh client system-wide configuration file. See
isa ~ # head -n 5 /etc/ssh/sshd_config
# $OpenBSD: sshd_config,v 1.99 2016/07/11 03:19:44 tedu Exp $

# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
==================================================================

Ubuntu, Mint, Calculate all of them have two config files ssh_config for ssh client and sshd_config for daemon.
So seriously mistakes… :( Very bad!
sumit kumar

December 27, 2016 at 10:02 am

Hi Ravi,

How does ssh work, mean to say what is the functionality of public and private key ,how the communication takes place b/w client and server.
It was asked to me in vmware interview.
Can you please help
deepa

October 5, 2016 at 12:20 pm

Can SSH is used for making http requests to a web server, checking network path to a remote, and writing a web server, accessing a remote computer. please tell me the answer
- Ravi Saive
  
  October 5, 2016 at 12:36 pm
  
  @Deepa,
  
  SSH is used to only connect remote Linux servers, and on the remote client SSH client must be installed to make a SSH connection…not for HTTP requests..
  - deepa
    
    October 6, 2016 at 9:07 am
    
    ok. thank u sir