Introduction
Whenever there is a requirement to check the current running configuration of a SSH service, there is a simple way to do it. In this article, without having to check it by opening the SSH service file configuration, just execute a certain command. Those command is a command for checking the running configuration of a SSH service.
Execute Command to Check Running SSH Service Configuration
So, the following is the actual step to do that :
-
First of all, just login to the machine or the server with the root account. Or else, login to the machine or the server with any user account with super user privilege available. Or else, switch to root account.
-
After successfully logging in user root or any user account with super user privilege, just execute the following command :
sshd -T
Moreover, to print the output of the SSH service’s configuration in an ascending form, just add a pipe and sort attribute as follows :
sshd -T | sort
So, the following is the execution of the above command in the machine or the server :
[root@localhost ~]# sshd -T | sort acceptenv LANG acceptenv LANGUAGE acceptenv LC_ADDRESS acceptenv LC_ALL acceptenv LC_COLLATE acceptenv LC_CTYPE acceptenv LC_IDENTIFICATION acceptenv LC_MEASUREMENT acceptenv LC_MESSAGES acceptenv LC_MONETARY acceptenv LC_NAME acceptenv LC_NUMERIC acceptenv LC_PAPER acceptenv LC_TELEPHONE acceptenv LC_TIME acceptenv XMODIFIERS addressfamily any allowagentforwarding yes allowstreamlocalforwarding yes allowtcpforwarding yes authenticationmethods any authorizedkeyscommand none authorizedkeyscommanduser none authorizedkeysfile .ssh/authorized_keys authorizedprincipalscommand none authorizedprincipalscommanduser none authorizedprincipalsfile none banner none challengeresponseauthentication no chrootdirectory none ciphers aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes128-ctr clientalivecountmax 3 clientaliveinterval 0 compression yes disableforwarding no exposeauthenticationmethods never fingerprinthash SHA256 forcecommand none gatewayports no gssapiauthentication yes gssapicleanupcredentials no gssapienablek5users no gssapikexalgorithms gss-gex-sha1-,gss-group14-sha1- gssapikeyexchange no gssapistorecredentialsonrekey no gssapistrictacceptorcheck yes hostbasedacceptedkeytypes ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss hostbasedauthentication no hostbasedusesnamefrompacketonly no hostkeyagent none hostkeyalgorithms ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss hostkey /etc/ssh/ssh_host_ecdsa_key hostkey /etc/ssh/ssh_host_ed25519_key hostkey /etc/ssh/ssh_host_rsa_key ignorerhosts yes ignoreuserknownhosts no ipqos lowdelay throughput kbdinteractiveauthentication no kerberosauthentication no kerberosorlocalpasswd yes kerberosticketcleanup yes kerberosusekuserok yes kexalgorithms diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1 listenaddress 0.0.0.0:22 listenaddress [::]:22 logingracetime 120 loglevel INFO macs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,hmac-sha1 maxauthtries 6 maxsessions 10 maxstartups 10:30:100 passwordauthentication yes permitemptypasswords no permitopen any permitrootlogin yes permittty yes permittunnel no permituserenvironment no permituserrc yes pidfile /var/run/sshd.pid port 22 printlastlog yes printmotd yes pubkeyacceptedkeytypes ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss pubkeyauthentication yes rekeylimit 0 0 revokedkeys none showpatchlevel no streamlocalbindmask 0177 streamlocalbindunlink no strictmodes yes subsystem sftp /usr/libexec/openssh/sftp-server syslogfacility AUTHPRIV tcpkeepalive yes trustedusercakeys none usedns yes usepam yes useprivilegeseparation sandbox versionaddendum none x11displayoffset 10 x11forwarding yes x11maxdisplays 1000 x11uselocalhost yes xauthlocation /usr/bin/xauth [root@localhost ~]#