SSH Interview Questions and Answers

SSH (Secure Shell) is a network protocol used to access a remote machine in order to execute command-line network services and other commands over a Network. It’s an important part in a Linux based technical interview.

SSH Interview Questions

Ques #1 What is SSH?

Ans: Secure Shell protocol is abbreviated as SSH. It is a secure and most commonly using protocol to access remote servers. This protocol uses encryption while transferring data between two hosts.

Ques #2 What is the default port number for SSH?

Ans: Port 22

Ques #3 What is the configuration file for SSH server?

Ans: The configuration file for SSH client is “/etc/ssh/ssh_config.”

Ques #4 How to disable root login for ssh server?

Ans: Disabling the root login for ssh is very secure way. we can do that by editing ssh configuration file then change ‘PermitrootLogin no‘ & restart the ssh service.


#LoginGraceTime 2m
PermitRootLogin no
#StrictModes yes

Ques #5 How would you disable direct root login and only enable access for specific user only to server shell?

Ans: Open SSH configuration file and then search for the directive “AllowUsers” in configuration file.


PermitRootLogin no
AllowUsers tech1 tech2 tech3

Ques #6 How would you block specific user or group from access SSH?

Ans: You can deny a user and group by using the following directive:


DenyUsers tech5 tech6
DenyGroups sysgroup 

Ques #7 What is the difference between SSH and Telnet?

Ans: SSH is a secured shell, where telnet is not secured. When you ssh to trasnfer data between a system, the data will be send in the encrypted form, where the hacker cannot encode or decode it. While you telnet, the data send between the system is alphabetical format(ASCII), where every one can understand.

Ques #8 How to enable debugging in ssh command?

Ans: To enable debugging mode, use the switch “v” along with your normal SSH command.


# ssh [email protected]_server_IP -v

Ques #9 How to check SSH server’s version using command line?

Ans: # ssh -V

Ques #10 What is “AddressFamily” directive in SSH configuration stands for?

Ans: Limiting SSH access to specific subnet will gives more secure environment, other than given subnet network can’t access SSH server.



Ques #11 What is sshpass?

Ans: sshpass is a command which allows us to supply password to the Linux CLI, command line interface. It helps to supply SSH password in automation scripts.

Ques #12 What is Listen Address in SSH configuration?

Ans: Suppose your server has 6 different IP addresses and you want to configure SSH in such a way that, only permit SSH access to a particular IP address.



Ques #13 What is the use of “LoginGraceTime”?

Ans: This dictates the number of seconds that the server waits before disconnecting from a client if there has been no successful login.


LoginGraceTime 2m

Ques #14 What purpose is assigned for “MaxAuthTries”?

Ans: Which defines the maximum number of allowed failed login attempt from a n/w. By default It is 6.
MaxAuthTries 4

Ques #15 What do you mean by SSH cipher? Tell me different types of ciphers?

Ans: Cipher is an algorithm to perform encryption and decryption. 
Types of cipher supported by SSH are 

1. 3des
2. blowfish
3. des

Ques #16 What is the role of authorized_keys file?

Ans: Authorized_keys file stores all client keys to provide password less authentication. 

Ques #17 What is the use of blowfish options in scp command?

Ans: Using blowfish options in scp command , we can increase the speed, by default scp uses the Triple-DES cipher to encrypt the data being copied.

Ques #18 How many types of Key types SSH supports?

Ans: Types of Key types SSH supports:
1. RSA
2. DSA
4. ED25519

Ques #19 Where SSH will store its trusted ssh client keys?

Ans: By default, it will copy public key pair to "/root/ssh/known_hosts"

Ques #20 What is the procedure to log SSH errors to separate file?

Ans: Using option -E log_file it will send an standard errors to specified file

Enjoy it!

  1. 2 years ago
    • 2 years ago
  2. 1 month ago
    • 1 month ago

Leave a Reply

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.