SSH Connection Setup: Difference between revisions

From WikiMLT
mNo edit summary
Line 18: Line 18:
* [https://wiki.metalevel.tech/index.php?oldid=30758 <u>The previous version of the answer which uses RSA key</u>].
* [https://wiki.metalevel.tech/index.php?oldid=30758 <u>The previous version of the answer which uses RSA key</u>].
{{collapse/end}}
{{collapse/end}}
Generate public and private SSH keys within ''your'' '''user's''' <code>'''~/.ssh'''</code> directory at the '''local host'''. The public key must be transferred to the remote host. The private key will be used at the local host.
<syntaxhighlight lang="shell" line="1" class="mlw-continue">
mkdir -m700 ~/.ssh/sshfwd
ssh-keygen -t ed25519 -C 'sshfwd@local.host' -f ~/.ssh/sshfwd/id_ed25519_to_hostname -q -N ''
</syntaxhighlight>
<syntaxhighlight lang="shell" line="1" class="mlw-shell-gray">
ls -la ~/.ssh/sshfwd
</syntaxhighlight>
<syntaxhighlight lang="bash">
total 16
drwx------  2 <user> <user> 4096 Jul 20 21:36 .
drwx------ 12 <user> <user> 4096 Jul 20 21:28 ..
-rw-------  1 <user> <user> 3381 Jul 20 21:36 id_ed25519_to_hostname
-rw-r--r--  1 <user> <user>  742 Jul 20 21:36 id_ed25519_to_hostname.pub
</syntaxhighlight>
*<code>-q</code> - silence; <code>-N <nowiki>''</nowiki></code> - empty (without) passphrase.


== References ==
== References ==
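Review bot: the `ls -la` listing kept under the new `ssh-keygen -t ed25519` command still reports 3381 and 742 bytes for `id_ed25519_to_hostname` and its `.pub`. Those sizes match a 4096-bit RSA pair rather than an Ed25519 one (an Ed25519 private key file is a few hundred bytes, the public key about a hundred), so the output looks carried over from the RSA version linked above; regenerate the listing from a real Ed25519 key. Separately, the `-N ''` bullet says only that the passphrase is empty; one more sentence stating that the private key is then protected solely by its `-rw-------` file mode would tell readers what they are accepting.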

Revision as of 16:51, 5 September 2022

Install SSH Server and Client

The SSH client is the software that makes an SSH connection to a remote instance. The SSH server is the software that accepts the connection on the remote instance. In case we don't need to connect to the client instance – i.e. it is a laptop – we do not need to install the server.

sudo apt install openssh-server openssh-client

When the server is installed, its service is automatically enabled and started, so if we have installed both packages above, we can test whether it is operational by making an SSH connection to the loopback interface.

ssh localhost

By default, password login is enabled in the SSH server's configuration. It is much safer to use key-based authentication, and once it is set up and operational we can safely disable password authentication.
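A check for the password-login setting discussed above, as an added example that is not part of the original wiki page. The function names and the sample configuration are constructed for illustration; on a live host, `sshd -T` prints the authoritative effective settings.

```shell
#!/bin/sh
# Added example: effective *global* value of an sshd_config keyword.
# sshd keeps the first value it reads for a keyword, keywords are
# case-insensitive, and lines after a "Match" line are conditional.
# Limitation of this sketch: "Include" files are not followed.

effective_sshd_option() {   # usage: effective_sshd_option FILE KEYWORD DEFAULT
    awk -v key="$2" -v def="$3" '
        BEGIN { key = tolower(key); val = def }
        /^[ \t]*(#|$)/ { next }              # skip comments and blank lines
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            n = split(line, f, /[ \t=]+/)    # "Key value" or "Key=value"
            k = tolower(f[1])
            if (k == "match") exit           # global section ends here
            if (k == key && n >= 2) { val = tolower(f[2]); exit }
        }
        END { print val }
    ' "$1"
}

password_login_enabled() {  # exit status 0 while password login is still on
    [ "$(effective_sshd_option "$1" PasswordAuthentication yes)" = "yes" ]
}

make_sample_config() {      # constructed sample, not taken from a real host
    f=$(mktemp) || return 1
    cat > "$f" <<'EOF'
# constructed sshd_config sample
PubkeyAuthentication yes
passwordauthentication no
PasswordAuthentication yes
Match User backup
    PasswordAuthentication yes
EOF
    echo "$f"
}

cfg=$(make_sample_config)
if password_login_enabled "$cfg"; then
    echo "password login is still enabled globally"
else
    echo "password login is disabled globally"
fi
rm -f "$cfg"
```

In the sample, the lower-case `passwordauthentication no` wins because it is read first, and the `Match User backup` block is not counted as a global setting.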

Setup Key Based Authentication

First we need to generate an SSH key pair. This should be done on the client side. It is preferable to use an ED25519 key, because it is more secure and also faster, since it is much shorter, especially compared to a 4096-bit RSA key.

Generate public and private SSH keys within your user's ~/.ssh directory at the local host. The public key must be transferred to the remote host. The private key will be used at the local host.

mkdir -m700 ~/.ssh/sshfwd
ssh-keygen -t ed25519 -C 'sshfwd@local.host' -f ~/.ssh/sshfwd/id_ed25519_to_hostname -q -N ''
ls -la ~/.ssh/sshfwd
total 16
drwx------  2 <user> <user> 4096 Jul 20 21:36 .
drwx------ 12 <user> <user> 4096 Jul 20 21:28 ..
-rw-------  1 <user> <user> 3381 Jul 20 21:36 id_ed25519_to_hostname
-rw-r--r--  1 <user> <user>  742 Jul 20 21:36 id_ed25519_to_hostname.pub
  • -q – quiet mode; -N '' – empty passphrase (no passphrase).

References