FlashPanel

English

Tiếng Việt

English

Tiếng Việt

Appearance

📘 Easily Update SSH Settings via Web Interface

No need to open a terminal or edit files manually. You can now change SSH server settings easily through a user-friendly interface.

✅ What Does This Feature Do?

This feature lets you update important SSH server settings (in sshd_config) directly through the web , without SSH access or editing files manually.

With just a few clicks, you can:

  • ✅ Enable/disable password login or root access
  • ✅ Add or block users from SSH access
  • ✅ Change SSH port, timeout, login attempts, etc.
  • ✅ Apply best-practice security settings

🖥 Interface Overview

See the image below:

⚙️ How to Use It

  1. Go to the SSH Settings section in the panel

alt text

  1. Click the Recommend button to automatically apply security best practices

    • This will set secure default values for all SSH configuration options
    • Perfect for users who want enhanced security without manual configuration
    • You can still adjust individual settings after applying recommendations

  2. Or modify the sections below as needed:

    The system manages the following SSH configuration options:

    • Port: SSH port number (default: 22)
    • ListenAddress: IP addresses SSH server listens on
    • PasswordAuthentication: Enable/disable password login
    • UsePAM: Enable/disable PAM authentication
    • ChallengeResponseAuthentication: Enable/disable challenge-response authentication
    • KbdInteractiveAuthentication: Enable/disable keyboard-interactive authentication
    • AllowUsers: List of users allowed to connect via SSH
    • MaxAuthTries: Maximum number of authentication attempts
    • MaxSessions: Maximum number of sessions per connection
    • MaxStartups: Maximum number of unauthenticated connections
    • LoginGraceTime: Time limit for successful authentication
    • TCPKeepAlive: Enable/disable TCP keepalive messages
    • ClientAliveInterval: Time between keepalive messages
    • ClientAliveCountMax: Maximum missed keepalive messages before disconnection
    • AllowTcpForwarding: Enable/disable TCP port forwarding
    • GatewayPorts: Allow remote hosts to connect to forwarded ports
    • X11Forwarding: Enable/disable X11 forwarding
    • PermitTunnel: Enable/disable tunnel device forwarding
    • LogLevel: Logging verbosity level
    • PrintMotd: Display message of the day after login
    • PrintLastLog: Show last login information
    • PermitUserRC: Allow execution of ~/.ssh/rc by ssh

✅ After Making Changes?

  1. Click the Update button
  2. The system will:
    • Validate your configuration
    • Automatically update the sshd config
    • Restart SSH service if needed

✅ After You Click "Update"

  1. The system will:
    • Validate the config
    • Update sshd config relavant automatically
    • Reload or restart SSH as needed

🧯 What If Something Goes Wrong?

  • The system will NOT apply invalid configs
  • It automatically restores backup files if something fails
  • Errors will be displayed clearly

⚠️ Tips & Safety Notes

⚠️ CautionDescription
Avoid editing /etc/ssh/sshd_config directly if you're using this interfacePrevents conflict or overwrite
If you lose SSH access after changing settingsUse the VPS provider's web console to revert safely

💬 FAQ

  • Do I need to reboot the server?

    🔹 No. SSH service will reload automatically if needed.

  • Can I break SSH access by mistake?

    🔹 No. The system validates and safely restores config on failure.

  • What does the Recommend button do?

    🔹 It automatically configures SSH with security best practices, including:

    • Disabling password authentication (requires SSH keys)
    • Setting optimal timeout values
    • Limiting login attempts
    • Configuring proper logging
    • Applying other security hardening measures