Explore essential concepts of SSH and remote access in Linux, including authentication methods, configuration options, security practices, and related command-line utilities. This quiz helps you reinforce best practices for secure and efficient remote server management using industry-standard Linux tools.
Which port does the SSH service use by default to accept incoming remote connections on a Linux system?
Explanation: Port 22 is the default port for SSH, which is used for securely accessing remote Linux systems. Port 21 is commonly used for FTP, while port 23 is used for Telnet—both being less secure than SSH. Port 2222 is sometimes used as an alternative SSH port, but it is not the default. Knowing the correct default port helps with configuring firewalls and troubleshooting connection issues.
When establishing SSH key-based authentication, which file must be copied to the remote server’s authorized_keys file for access?
Explanation: You must copy the user's public key to the remote server's authorized_keys file to enable SSH key-based authentication. Copying the private key would compromise security, as it is meant to be kept secret. The server's own keys are used for identifying the server during connection; they are not used for authenticating users. Placing the user's public key allows the server to verify the user's private key upon login.
Which configuration directive in the SSH server config file restricts login access to specific Linux user accounts?
Explanation: The AllowUsers directive in the SSH server configuration file specifies which user accounts are permitted to log in via SSH. DenyUsers can be used to block certain users, while PermitRootLogin controls root account access but not specific users. 'AllowAll' is not a valid SSH directive. Configuring AllowUsers enhances access control and security.
Which tool allows secure copying of files between a local and remote Linux system using the SSH protocol?
Explanation: The scp utility uses SSH to securely copy files between local and remote systems, ensuring data is encrypted during transit. FTP is an older protocol that does not encrypt data by default. Telnet is used for remote command-line access, not file copying, and rsyncd refers to the rsync daemon, which uses a separate protocol unless explicitly configured to use SSH. For secure file transfers, scp is commonly used.
What is a potential risk associated with enabling SSH agent forwarding when connecting to untrusted remote servers?
Explanation: SSH agent forwarding allows remote servers to use your local authentication agent for further SSH connections, which can potentially expose your credentials if the remote server is compromised. The private key itself is not sent, but the agent can be accessed by malicious users on the remote machine. Agent forwarding does not affect connection logs, authentication methods, or bandwidth usage. It's important to use this feature only with trusted systems.