5 Unix / Linux OpenSSH SSHD Command Examples

sshd is OpenSSHD Daemon. When sshd receives a request for connection from a client, it creates a new process for that particular connection. You can use either password or key exchange authentication (there are others types too).

Typically this daemon gets the configuration parameters from the /etc/ssh/sshd_config file. But, you can also specify the options from the command line, in which case, it overrides the parameters from the sshd_config file.

You can modify the /etc/rc.d/init.d/sshd file to pass any of the command line options specified below. You can specify the parameters in the /etc/sysconfig/sshd file, or you can specify the parameters in the /etc/ssh/sshd_config file.

1. Use either IPv4 or IPv6 Only

You can instruct sshd to use only ipv4 address as shown below.

sshd -4

You can instruct sshd to use only ipv6 address as shown below.

sshd -6

2. SSHD Debug Modes

For debugging purpose, if you want to run the sshd in the foreground and see the output, specify the -D option. -D option will not detach.

sshd -D

If you want a detailed log messages, specify -d. You can specify upto three -d options which will increase the debug levels. Please note that this option also will not detach the sshd (similar to -D mentioned above).

sshd -d -d -d

For some reason, if you want sshd to send the error messages to the standard error (instead of sending it to the system log files), use the -e option.

sshd -d -e

3. SSHD Config Files

As you already know the default config file is /etc/ssh/sshd_config. But, you change this to your own config file name, using -f option as shown below.

sshd -f /root/conf/mysshd.conf

4. SSHD Grace Time

If the ssh client doesn’t login to authenticate within the number of seconds specified in the login_grace_time, sshd will disconnect that connection. The default is 120 sections. For example, if you don’t enter your username and password within 120 seconds after initiating the connection, sshd will terminate your connection.

You can change this 120 seconds grace time to increase or decrease it using -g option. The following decreases the grace time to 15 seconds. If you don’t login within 15 seconds, ssh will disconnect. If you specify 0 seconds, it will never disconnect.

sshd -g 15

5. Specify Options in Command Line

You can also specify the options similar to the one you specify in the sshd_config file in the command line itself. For example, the following will set the AllowUsers parameter. This will override whatever AllowUsers value that is set in the /etc/ssh/sshd_config file.

sshd -o "AllowUsers ramesh john"