How to Show Running SSH Service Configuration in Linux Operating System

Posted on

Introduction

Whenever there is a requirement to check the current running configuration of a SSH service, there is a simple way to do it. In this article, without having to check it by opening the SSH service file configuration, just execute a certain command. Those command is a command for checking the running configuration of a SSH service.

Execute Command to Check Running SSH Service Configuration

So, the following is the actual step to do that :

  1. First of all, just login to the machine or the server with the root account. Or else, login to the machine or the server with any user account with super user privilege available. Or else, switch to root account.

  2. After successfully logging in user root or any user account with super user privilege, just execute the following command :

    sshd -T

    Moreover, to print the output of the SSH service’s configuration in an ascending form, just add a pipe and sort attribute as follows :

    sshd -T | sort

    So, the following is the execution of the above command in the machine or the server :

    [root@localhost ~]# sshd -T | sort
    acceptenv LANG
    acceptenv LANGUAGE
    acceptenv LC_ADDRESS
    acceptenv LC_ALL
    acceptenv LC_COLLATE
    acceptenv LC_CTYPE
    acceptenv LC_IDENTIFICATION
    acceptenv LC_MEASUREMENT
    acceptenv LC_MESSAGES
    acceptenv LC_MONETARY
    acceptenv LC_NAME
    acceptenv LC_NUMERIC
    acceptenv LC_PAPER
    acceptenv LC_TELEPHONE
    acceptenv LC_TIME
    acceptenv XMODIFIERS
    addressfamily any
    allowagentforwarding yes
    allowstreamlocalforwarding yes
    allowtcpforwarding yes
    authenticationmethods any
    authorizedkeyscommand none
    authorizedkeyscommanduser none
    authorizedkeysfile .ssh/authorized_keys
    authorizedprincipalscommand none
    authorizedprincipalscommanduser none
    authorizedprincipalsfile none
    banner none
    challengeresponseauthentication no
    chrootdirectory none
    ciphers aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes128-ctr
    clientalivecountmax 3
    clientaliveinterval 0
    compression yes
    disableforwarding no
    exposeauthenticationmethods never
    fingerprinthash SHA256
    forcecommand none
    gatewayports no
    gssapiauthentication yes
    gssapicleanupcredentials no
    gssapienablek5users no
    gssapikexalgorithms gss-gex-sha1-,gss-group14-sha1-
    gssapikeyexchange no
    gssapistorecredentialsonrekey no
    gssapistrictacceptorcheck yes
    hostbasedacceptedkeytypes ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss
    hostbasedauthentication no
    hostbasedusesnamefrompacketonly no
    hostkeyagent none
    hostkeyalgorithms ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss
    hostkey /etc/ssh/ssh_host_ecdsa_key
    hostkey /etc/ssh/ssh_host_ed25519_key
    hostkey /etc/ssh/ssh_host_rsa_key
    ignorerhosts yes
    ignoreuserknownhosts no
    ipqos lowdelay throughput
    kbdinteractiveauthentication no
    kerberosauthentication no
    kerberosorlocalpasswd yes
    kerberosticketcleanup yes
    kerberosusekuserok yes
    kexalgorithms diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1
    listenaddress 0.0.0.0:22
    listenaddress [::]:22
    logingracetime 120
    loglevel INFO
    macs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,hmac-sha1
    maxauthtries 6
    maxsessions 10
    maxstartups 10:30:100
    passwordauthentication yes
    permitemptypasswords no
    permitopen any
    permitrootlogin yes
    permittty yes
    permittunnel no
    permituserenvironment no
    permituserrc yes
    pidfile /var/run/sshd.pid
    port 22
    printlastlog yes
    printmotd yes
    pubkeyacceptedkeytypes ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss
    pubkeyauthentication yes
    rekeylimit 0 0
    revokedkeys none
    showpatchlevel no
    streamlocalbindmask 0177
    streamlocalbindunlink no
    strictmodes yes
    subsystem sftp /usr/libexec/openssh/sftp-server
    syslogfacility AUTHPRIV
    tcpkeepalive yes
    trustedusercakeys none
    usedns yes
    usepam yes
    useprivilegeseparation sandbox
    versionaddendum none
    x11displayoffset 10
    x11forwarding yes
    x11maxdisplays 1000
    x11uselocalhost yes
    xauthlocation /usr/bin/xauth
    [root@localhost ~]#
    

Leave a Reply