ssh
Port Forwarding
ssh -L 8080:www.ubuntuforums.org:80 $USER@$HOST
Generate a SSH Key
- Permissions on private key are 700
# COPY ONE AT A TIME
ssh-keygen -t rsa -b 4096 -C "devgoalposts@protonmail.com"
# Without email
# ssh-keygen -o
eval "$(ssh-agent -s)"
ssh-add ~/.ssh/id_rsa
# Can add any file as long as it has 700 permissions
# ssh-add -k ~/.ssh/id_rsa
cat ~/.ssh/id_rsa.pub
Setup ssh server
# Install OpenSSH server
sudo apt-get install openssh-server
sudo systemctl start ssh
sudo systemctl enable ssh
Copy SSH keys to server
ssh-copy-id username@domain
ssh-copy-id -f -i <path to public key> username@domain
Disable password login
sudo vi /etc/ssh/sshd_config
# Change the following settings
# ChallengeResponseAuthentication no
# PasswordAuthentication no
# UsePAM no
# PermitRootLogin no
# Now reload the server
/etc/init.d/ssh reload
# or
sudo systemctl reload ssh
# or RHEL style
sudo systemctl reload sshd
# Test password ChallengeResponseAuthentication
ssh dentropy@somedomain.local -o PubkeyAuthentication=no
List ssh identity's
ssh-add -l
Security
Generate public key from private key
ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub
SSH without using private key
ssh -o PreferredAuthentications=password \
-o PubkeyAuthentication=no user@server
Backlinks