ssh_openssh_keys
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| ssh_openssh_keys [2025/02/20 01:13] – [Work As SSH Server] jianwu | ssh_openssh_keys [2025/02/26 03:55] (current) – jianwu | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| + | [[https:// | ||
| + | |||
| ===== SSH/ | ===== SSH/ | ||
| To install the OpenSSH client applications on your Ubuntu system, use this command at a terminal prompt: | To install the OpenSSH client applications on your Ubuntu system, use this command at a terminal prompt: | ||
| Line 32: | Line 34: | ||
| $ touch / | $ touch / | ||
| </ | </ | ||
| + | === Recommended Setting of sshd_config === | ||
| <code Bash> | <code Bash> | ||
| - | $ vim / | + | $ sudo vim / |
| -- | -- | ||
| - | PasswordAuthentication yes | + | PasswordAuthentication |
| + | UsePAM | ||
| + | X11Forwarding yes | ||
| + | AllowUsers < | ||
| + | AllowGroups < | ||
| -- | -- | ||
| </ | </ | ||
| + | <code Bash> | ||
| + | $ sudo systemctl restart ssh | ||
| + | </ | ||
| + | === ufw setting === | ||
| + | <code Bash> | ||
| + | $ sudo ufw allow from < | ||
| + | ex) | ||
| + | $ sudo ufw allow from 192.168.1.0/ | ||
| + | </ | ||
| ==== Work as SSH Client - Generating RSA Keys ==== | ==== Work as SSH Client - Generating RSA Keys ==== | ||
| Line 67: | Line 83: | ||
| ==== Transfer Client Key to Host ==== | ==== Transfer Client Key to Host ==== | ||
| The key you need to transfer to the host is the public one. If you can log in to a computer over SSH using a password, you can transfer your RSA key by doing the following from your own computer: | The key you need to transfer to the host is the public one. If you can log in to a computer over SSH using a password, you can transfer your RSA key by doing the following from your own computer: | ||
| - | < | + | < |
| $ ssh-copy-id < | $ ssh-copy-id < | ||
| </ | </ | ||
| Line 74: | Line 90: | ||
| In practice, copy and paste the entire contents of id_rsa.pub to the bottom of authorized_keys on the SSH server side. | In practice, copy and paste the entire contents of id_rsa.pub to the bottom of authorized_keys on the SSH server side. | ||
| ==== to show the key's bit-size and fingerprint ==== | ==== to show the key's bit-size and fingerprint ==== | ||
| - | < | + | < |
| $ ssh-keygen -l -f <key file name> | $ ssh-keygen -l -f <key file name> | ||
| </ | </ | ||
| Line 82: | Line 98: | ||
| </ | </ | ||
| ==== SSH login ==== | ==== SSH login ==== | ||
| - | < | + | < |
| $ ssh < | $ ssh < | ||
| </ | </ | ||
| ==== Enter SSH passphrase once ==== | ==== Enter SSH passphrase once ==== | ||
| - | < | + | < |
| $ ssh-agent bash | $ ssh-agent bash | ||
| $ ssh-add ~/ | $ ssh-add ~/ | ||
| Line 98: | Line 114: | ||
| C: | C: | ||
| To create the keys, type: | To create the keys, type: | ||
| - | < | + | < |
| C: | C: | ||
| or | or | ||
| Line 108: | Line 124: | ||
| === WSL or ubuntu === | === WSL or ubuntu === | ||
| / | / | ||
| - | < | + | < |
| host ubuntu | host ubuntu | ||
| ForwardAgent yes | ForwardAgent yes | ||
| Line 123: | Line 139: | ||
| === Windows === | === Windows === | ||
| C: | C: | ||
| - | < | + | < |
| Host pctresearch | Host pctresearch | ||
| HostName host_name_of_server | HostName host_name_of_server | ||
| Line 130: | Line 146: | ||
| IdentityFile " | IdentityFile " | ||
| IdentitiesOnly yes | IdentitiesOnly yes | ||
| + | AddressFamily inet | ||
| User pctresearch | User pctresearch | ||
| Line 136: | Line 153: | ||
| ServerAliveCountMax 10000 | ServerAliveCountMax 10000 | ||
| </ | </ | ||
| + | :!: AddressFamily - Specifies which address family to use when connecting. Valid arguments are any (the default), inet (use IPv4 only), or inet6 (use IPv6 only). | ||
| + | |||
| Usage of ssh connection | Usage of ssh connection | ||
| - | < | + | < |
| - | $ ssh pctresearch | + | > ssh pctresearch |
| </ | </ | ||
ssh_openssh_keys.1739981585.txt.gz · Last modified: 2025/02/20 01:13 by jianwu