PCTResearch Wiki

User Tools

Site Tools

Trace:
ssh_openssh_keys

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
ssh_openssh_keys [2025/02/20 01:01] – [Generating RSA Keys] jianwussh_openssh_keys [2025/02/26 03:55] (current) jianwu
Line 1: Line 1:
 +[[https://pctresearch.com/|{{:wiki_banner.jpg?nolink&800|}}]]
 +
 ===== SSH/OpenSSH/Keys ===== ===== SSH/OpenSSH/Keys =====
 To install the OpenSSH client applications on your Ubuntu system, use this command at a terminal prompt: To install the OpenSSH client applications on your Ubuntu system, use this command at a terminal prompt:
Line 30: Line 32:
 </code> </code>
 <code Bash> <code Bash>
-$ touch /home/kan/authorized_keys+$ touch /home/<user name>/authorized_keys
 </code> </code>
 +=== Recommended Setting of sshd_config ===
 <code Bash> <code Bash>
-$ vim /etc/ssh/sshd_config+sudo vim /etc/ssh/sshd_config
 -- --
-PasswordAuthentication yes+PasswordAuthentication no 
 +UsePAM yes 
 +X11Forwarding yes 
 +AllowUsers <user_name> 
 +AllowGroups <group_name>
 -- --
 +</code>
 +<code Bash>
 +$ sudo systemctl restart ssh
 +</code>
 +=== ufw setting ===
 +<code Bash>
 +$ sudo ufw allow from <client_ip_address> to any port <port_no> comment 'Allow ssh from client'
 +
 + ex)
 +$ sudo ufw allow from 192.168.1.0/24 to any port 22 comment 'Allow ssh from local'
 </code> </code>
  
-==== Work as SSH Client ==== 
 ==== Work as SSH Client - Generating RSA Keys ==== ==== Work as SSH Client - Generating RSA Keys ====
 To create your public and private SSH keys on the command-line: To create your public and private SSH keys on the command-line:
Line 67: Line 83:
 ==== Transfer Client Key to Host ==== ==== Transfer Client Key to Host ====
 The key you need to transfer to the host is the public one. If you can log in to a computer over SSH using a password, you can transfer your RSA key by doing the following from your own computer: The key you need to transfer to the host is the public one. If you can log in to a computer over SSH using a password, you can transfer your RSA key by doing the following from your own computer:
-<code Bash>+<code Dos>
 $ ssh-copy-id <username>@<host> $ ssh-copy-id <username>@<host>
 </code> </code>
Line 74: Line 90:
 In practice, copy and paste the entire contents of id_rsa.pub to the bottom of authorized_keys on the SSH server side. In practice, copy and paste the entire contents of id_rsa.pub to the bottom of authorized_keys on the SSH server side.
 ==== to show the key's bit-size and fingerprint ==== ==== to show the key's bit-size and fingerprint ====
-<code Bash>+<code Dos>
 $ ssh-keygen -l -f <key file name> $ ssh-keygen -l -f <key file name>
 </code> </code>
Line 82: Line 98:
 </code> </code>
 ==== SSH login ==== ==== SSH login ====
-<code Bash>+<code Dos>
 $ ssh <username>@<host> $ ssh <username>@<host>
 </code> </code>
 ==== Enter SSH passphrase once ==== ==== Enter SSH passphrase once ====
-<code Bash>+<code Dos>
 $ ssh-agent bash $ ssh-agent bash
 $ ssh-add ~/.ssh/id_rsa $ ssh-add ~/.ssh/id_rsa
Line 98: Line 114:
 C:\Users\<user name>\\ C:\Users\<user name>\\
 To create the keys, type: To create the keys, type:
-<code>+<code Bash>
 C:\Users\<user name> > ssh-keygen.exe C:\Users\<user name> > ssh-keygen.exe
   or   or
Line 108: Line 124:
 === WSL or ubuntu === === WSL or ubuntu ===
 /home/pctr/.ssh/config /home/pctr/.ssh/config
-<code Text>+<code Bash>
 host ubuntu host ubuntu
     ForwardAgent yes     ForwardAgent yes
Line 123: Line 139:
 === Windows === === Windows ===
 C:\Users\kan\.ssh\config C:\Users\kan\.ssh\config
-<code Text>+<code Dos>
 Host pctresearch Host pctresearch
   HostName host_name_of_server   HostName host_name_of_server
Line 130: Line 146:
   IdentityFile "C:\Users\ptsr\.ssh\file_name_of_private_key"   IdentityFile "C:\Users\ptsr\.ssh\file_name_of_private_key"
   IdentitiesOnly yes   IdentitiesOnly yes
 +  AddressFamily inet
   User pctresearch   User pctresearch
  
Line 136: Line 153:
     ServerAliveCountMax 10000     ServerAliveCountMax 10000
 </code> </code>
 +:!: AddressFamily - Specifies which address family to use when connecting. Valid arguments are any (the default), inet (use IPv4 only), or inet6 (use IPv6 only). 
 +
 Usage of ssh connection Usage of ssh connection
-<code Bash+<code Dos
-ssh pctresearch+ssh pctresearch
 </code> </code>
  
ssh_openssh_keys.1739980884.txt.gz · Last modified: 2025/02/20 01:01 by jianwu