So I recently purchased a new server with the aim of running Virtualizor and OpenVZ on it, which happened to mean installing CentOS instead of my usual Debian. The experience was definitely an interesting one, but here’s what happened:
Add the EPEL repo, which carries the dropbear package:
rpm -Uvh http://ftp-stud.hs-esslingen.de/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
Install dropbear:
yum install dropbear
I was initially baffled as to how to configure Dropbear on CentOS, having previously only set it up on Debian. Here’s how I got it to work. First create a new file in /etc/sysconfig for dropbear:
vim /etc/sysconfig/dropbear
Now you can pass parameters to dropbear for when it’s starting up:
OPTIONS=" -p 222"
Here you can add other parameters, such as disabling root logins; for a full list read:
man dropbear
Remove OpenSSH:
yum erase openssh-server
Add dropbear to startup and start the server:
chkconfig dropbear on
service dropbear start
Make sure you check that it is indeed running, and verify from another box before you log out of your current session, otherwise you’re well and truly in a pickle.
FAQ
Service won’t correctly start up
It turns out that SELinux is shipped with CentOS by default (unlike Debian). If you change the SSH port as I did earlier in the sysconfig file, then you need to update SELinux with the new port number. Don’t be disconcerted if the below command takes a while to run:
semanage port -a -t ssh_port_t -p tcp 222
If semanage doesn’t exist then you need to install it:
yum install policycoreutils-python
I’m still not able to connect? “No route to host”
My problem here was that CentOS also decided it wants to set up iptables, which by default is set up to only allow access for SSH on port 22. To change this:
vim /etc/sysconfig/iptables
Now change the below line from using port 22 to the port you decided upon earlier (I used 222):
-A INPUT -m state --state NEW -m tcp -p tcp --dport 222 -j ACCEPT
Make sure to restart iptables so the changes take effect:
service iptables restart
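The port ends up in three places (the dropbear OPTIONS line, the SELinux ssh_port_t list and the iptables rules), and a mismatch in any one of them is what locks you out. The script below is an added example, not part of the original post: it checks that the three agree, using constructed sample files in place of /etc/sysconfig/dropbear, /etc/sysconfig/iptables and the saved output of semanage port -l.

```shell
#!/bin/sh
# Offline pre-logout check: the three places the port must agree.

# Port passed to -p in the OPTIONS= line (plain "-p PORT" form only).
dropbear_port() {
    sed -n 's/^OPTIONS=.*-p[[:space:]]*\([0-9][0-9]*\).*/\1/p' "$1" | head -n 1
}

# True if the saved rules file accepts TCP connections to the port.
iptables_allows() {
    grep -Eq -- "^-A INPUT .*-p tcp .*--dport $2 .*-j ACCEPT" "$1"
}

# True if saved `semanage port -l` output lists the port under ssh_port_t.
selinux_allows() {
    awk -v p="$2" '$1 == "ssh_port_t" && $2 == "tcp" {
        for (i = 3; i <= NF; i++) { gsub(",", "", $i); if ($i == p) ok = 1 }
    } END { exit !ok }' "$1"
}

# Args: sysconfig file, iptables file, semanage listing. 0 = consistent.
preflight() {
    port=$(dropbear_port "$1")
    [ -n "$port" ] || { echo "no -p port found in $1"; return 2; }
    rc=0
    iptables_allows "$2" "$port" || { echo "iptables: tcp/$port not accepted"; rc=1; }
    selinux_allows "$3" "$port" || { echo "SELinux: tcp/$port not ssh_port_t"; rc=1; }
    return $rc
}

# Constructed sample files (not taken from a real host).
d=$(mktemp -d)
echo 'OPTIONS=" -p 222"' > "$d/dropbear"
echo '-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT' > "$d/ipt.before"
echo '-A INPUT -m state --state NEW -m tcp -p tcp --dport 222 -j ACCEPT' > "$d/ipt.after"
echo 'ssh_port_t                     tcp      22' > "$d/se.before"
echo 'ssh_port_t                     tcp      222, 22' > "$d/se.after"

# "before" = stock CentOS defaults, "after" = both FAQ fixes applied.
preflight "$d/dropbear" "$d/ipt.before" "$d/se.before" || echo "-> not safe to log out"
preflight "$d/dropbear" "$d/ipt.after" "$d/se.after" && echo "-> port 222 consistent"
```

On a real box, point preflight at the actual files and at the output of semanage port -l saved to a file, then still test a login from another machine as described above.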