SSH Connection Setup: Difference between revisions

From WikiMLT
VisualWikitext
mNo edit summary
mNo edit summary
Line 1: Line 1:
<noinclude>{{ContentArticleHeader/Linux_Server|toc=off}}{{ContentArticleHeader/Linux_Desktop}}</noinclude>
<noinclude>{{ContentArticleHeader/Linux_Server|toc=off}}{{ContentArticleHeader/Linux_Desktop}}</noinclude>
== Install SSH Server and Client ==
The SSH client is the software that makes an SSH connection to a remote instance. The SSH server is the software that accepts the connection no the remote instance. In case we don't need to connect to the client instance - i.e. it is laptop, we do not neet to install the server.<syntaxhighlight lang="shell" line="1">
sudo apt install openssh-server openssh-client
</syntaxhighlight>When the server is installed its service is automatically enabled and started, so if we have installed both packages above, we can test whether it is operational by an SSH to the loop-back interface.<syntaxhighlight lang="shell" line="1">
sudo apt install openssh-server openssh-client
</syntaxhighlight>By default within the SSH server's configuration the password login is enabled. It is much safer to use key based authentication and once it is setup and operational we can safely disable the password authentication.
== Setup Key Based Authentication ==
{{collapse/begin}}
First we need to generate SSH key pair . This should be done at the client's side. It is preferable to use '''ED25519''' based key, because it is more secure and also it is faster because is much shorten especially than 4096 bit RSA key.
{{collapse/div|#References}}
*[https://security.stackexchange.com/q/90077/131156 SSH Key: Ed25519 vs RSA]
* [https://security.stackexchange.com/q/101044/131156 Is it bad that my ed25519 key is so short compared to a RSA key?]
* [https://medium.com/risan/upgrade-your-ssh-key-to-ed25519-c6e8d60d3c54 Upgrade Your SSH Key to Ed25519]
* [https://cryptsus.com/blog/how-to-secure-your-ssh-server-with-public-key-elliptic-curve-ed25519-crypto.html How to secure your SSH server with public key Ed25519 Elliptic Curve Cryptography]
* [https://wiki.metalevel.tech/index.php?oldid=30758 <u>The previous version of the answer which uses RSA key</u>].
{{collapse/end}}
== References ==
== References ==
* ...
* ...


Revision as of 15:57, 5 September 2022

Lin­ux Serv­er
Lin­ux Desk­top

In­stall SSH Serv­er and Client

The SSH client is the soft­ware that makes an SSH con­nec­tion to a re­mote in­stance. The SSH serv­er is the soft­ware that ac­cepts the con­nec­tion no the re­mote in­stance. In case we don't need to con­nect to the client in­stance – i.e. it is lap­top, we do not neet to in­stall the serv­er.

sudo apt install openssh-server openssh-client

When the serv­er is in­stalled its ser­vice is au­to­mat­i­cal­ly en­abled and start­ed, so if we have in­stalled both pack­ages above, we can test whether it is op­er­a­tional by an SSH to the loop-back in­ter­face.

sudo apt install openssh-server openssh-client

By de­fault with­in the SSH server's con­fig­u­ra­tion the pass­word lo­gin is en­abled. It is much safer to use key based au­then­ti­ca­tion and once it is set­up and op­er­a­tional we can safe­ly dis­able the pass­word au­then­ti­ca­tion.

Set­up Key Based Au­then­ti­ca­tion

First we need to gen­er­ate SSH key pair . This should be done at the client's side. It is prefer­able to use ED25519 based key, be­cause it is more se­cure and al­so it is faster be­cause is much short­en es­pe­cial­ly than 4096 bit RSA key.

#Ref­er­ences

Ref­er­ences


Retrieved from "https://wiki.metalevel.tech/index.php?title=SSH_Connection_Setup&oldid=31159"