SSH Connection Setup: Difference between revisions
mNo edit summary |
mNo edit summary |
||
| Line 1: | Line 1: | ||
<noinclude>{{ContentArticleHeader/Linux_Server|toc=off}}{{ContentArticleHeader/Linux_Desktop}}</noinclude> | <noinclude>{{ContentArticleHeader/Linux_Server|toc=off}}{{ContentArticleHeader/Linux_Desktop}}</noinclude> | ||
== Install SSH Server and Client == | |||
The SSH client is the software that makes an SSH connection to a remote instance. The SSH server is the software that accepts the connection no the remote instance. In case we don't need to connect to the client instance - i.e. it is laptop, we do not neet to install the server.<syntaxhighlight lang="shell" line="1"> | |||
sudo apt install openssh-server openssh-client | |||
</syntaxhighlight>When the server is installed its service is automatically enabled and started, so if we have installed both packages above, we can test whether it is operational by an SSH to the loop-back interface.<syntaxhighlight lang="shell" line="1"> | |||
sudo apt install openssh-server openssh-client | |||
</syntaxhighlight>By default within the SSH server's configuration the password login is enabled. It is much safer to use key based authentication and once it is setup and operational we can safely disable the password authentication. | |||
== Setup Key Based Authentication == | |||
{{collapse/begin}} | |||
First we need to generate SSH key pair . This should be done at the client's side. It is preferable to use '''ED25519''' based key, because it is more secure and also it is faster because is much shorten especially than 4096 bit RSA key. | |||
{{collapse/div|#References}} | |||
*[https://security.stackexchange.com/q/90077/131156 SSH Key: Ed25519 vs RSA] | |||
* [https://security.stackexchange.com/q/101044/131156 Is it bad that my ed25519 key is so short compared to a RSA key?] | |||
* [https://medium.com/risan/upgrade-your-ssh-key-to-ed25519-c6e8d60d3c54 Upgrade Your SSH Key to Ed25519] | |||
* [https://cryptsus.com/blog/how-to-secure-your-ssh-server-with-public-key-elliptic-curve-ed25519-crypto.html How to secure your SSH server with public key Ed25519 Elliptic Curve Cryptography] | |||
* [https://wiki.metalevel.tech/index.php?oldid=30758 <u>The previous version of the answer which uses RSA key</u>]. | |||
{{collapse/end}} | |||
== References == | == References == | ||
* ... | * ... | ||
Revision as of 14:57, 5 September 2022
Install SSH Server and Client
The SSH client is the software that makes an SSH connection to a remote instance. The SSH server is the software that accepts the connection no the remote instance. In case we don't need to connect to the client instance – i.e. it is laptop, we do not neet to install the server.
sudo apt install openssh-server openssh-client
When the server is installed its service is automatically enabled and started, so if we have installed both packages above, we can test whether it is operational by an SSH to the loop-back interface.
sudo apt install openssh-server openssh-client
By default within the SSH server's configuration the password login is enabled. It is much safer to use key based authentication and once it is setup and operational we can safely disable the password authentication.
Setup Key Based Authentication
First we need to generate SSH key pair . This should be done at the client's side. It is preferable to use ED25519 based key, because it is more secure and also it is faster because is much shorten especially than 4096 bit RSA key.
References
- …
- …
