PCTResearch Wiki

User Tools

Site Tools

Trace:
ssh_openssh_keys

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
ssh_openssh_keys [2025/02/21 00:15] – [SSH/OpenSSH/Keys] jianwussh_openssh_keys [2025/02/26 03:55] (current) jianwu
Line 1: Line 1:
 +[[https://pctresearch.com/|{{:wiki_banner.jpg?nolink&800|}}]]
 +
 ===== SSH/OpenSSH/Keys ===== ===== SSH/OpenSSH/Keys =====
 To install the OpenSSH client applications on your Ubuntu system, use this command at a terminal prompt: To install the OpenSSH client applications on your Ubuntu system, use this command at a terminal prompt:
Line 14: Line 16:
  
 ==== Work As SSH Server ==== ==== Work As SSH Server ====
-<code Dos>+<code Bash>
 $ sudo ssh-keygen -A $ sudo ssh-keygen -A
 </code> </code>
 ^-A|Generate host keys of all default key types (rsa, ecdsa, and ed25519) if they do  not  already  exist.| ^-A|Generate host keys of all default key types (rsa, ecdsa, and ed25519) if they do  not  already  exist.|
-<code Dos>+<code Bash>
 $ sudo /etc/init.d/ssh start $ sudo /etc/init.d/ssh start
 Starting ssh (via systemctl): ssh.service. Starting ssh (via systemctl): ssh.service.
Line 26: Line 28:
  
 user(ex. pctr)'s home directory user(ex. pctr)'s home directory
-<code Dos>+<code Bash>
 $ ssh-keygen -t rsa -b 4096 $ ssh-keygen -t rsa -b 4096
 </code> </code>
-<code Dos>+<code Bash>
 $ touch /home/<user name>/authorized_keys $ touch /home/<user name>/authorized_keys
 </code> </code>
 === Recommended Setting of sshd_config === === Recommended Setting of sshd_config ===
-<code Dos>+<code Bash>
 $ sudo vim /etc/ssh/sshd_config $ sudo vim /etc/ssh/sshd_config
 -- --
Line 43: Line 45:
 -- --
 </code> </code>
-<code Dos>+<code Bash>
 $ sudo systemctl restart ssh $ sudo systemctl restart ssh
 </code> </code>
 === ufw setting === === ufw setting ===
-<code Dos>+<code Bash>
 $ sudo ufw allow from <client_ip_address> to any port <port_no> comment 'Allow ssh from client' $ sudo ufw allow from <client_ip_address> to any port <port_no> comment 'Allow ssh from client'
  
Line 57: Line 59:
 To create your public and private SSH keys on the command-line: To create your public and private SSH keys on the command-line:
 user(ex. pctr)'s homedirectory user(ex. pctr)'s homedirectory
-<code Dos>+<code Bash>
 $ mkdir ~/.ssh $ mkdir ~/.ssh
 $ chmod 700 ~/.ssh $ chmod 700 ~/.ssh
Line 63: Line 65:
 </code> </code>
 You will be prompted for a location to save the keys, and a passphrase for the keys. This passphrase will protect your private key while it's stored on the hard drive: You will be prompted for a location to save the keys, and a passphrase for the keys. This passphrase will protect your private key while it's stored on the hard drive:
-<code Dos>+<code Bash>
 Generating public/private rsa key pair. Generating public/private rsa key pair.
 Enter file in which to save the key (/home/b/.ssh/id_rsa): Enter file in which to save the key (/home/b/.ssh/id_rsa):
Line 74: Line 76:
 ==== About Key Encryption Level ==== ==== About Key Encryption Level ====
 Note: The default is a 2048 bit key. You can increase this to 4096 bits with the -b flag (Increasing the bits makes it harder to crack the key by brute force methods). Note: The default is a 2048 bit key. You can increase this to 4096 bits with the -b flag (Increasing the bits makes it harder to crack the key by brute force methods).
-<code Dos>+<code Bash>
  ex)  ex)
 $ ssh-keygen -t rsa -b 4096 $ ssh-keygen -t rsa -b 4096
Line 92: Line 94:
 </code> </code>
 ==== change a ssh passphrase for private key ==== ==== change a ssh passphrase for private key ====
-<code Dos>+<code Bash>
 $ ssh-keygen -p $ ssh-keygen -p
 </code> </code>
Line 122: Line 124:
 === WSL or ubuntu === === WSL or ubuntu ===
 /home/pctr/.ssh/config /home/pctr/.ssh/config
-<code Text>+<code Bash>
 host ubuntu host ubuntu
     ForwardAgent yes     ForwardAgent yes
Line 132: Line 134:
 </code> </code>
 Usage of ssh connection Usage of ssh connection
-<code Dos>+<code Bash>
 $ ssh ubuntu $ ssh ubuntu
 </code> </code>
 === Windows === === Windows ===
 C:\Users\kan\.ssh\config C:\Users\kan\.ssh\config
-<code Text>+<code Dos>
 Host pctresearch Host pctresearch
   HostName host_name_of_server   HostName host_name_of_server
Line 144: Line 146:
   IdentityFile "C:\Users\ptsr\.ssh\file_name_of_private_key"   IdentityFile "C:\Users\ptsr\.ssh\file_name_of_private_key"
   IdentitiesOnly yes   IdentitiesOnly yes
 +  AddressFamily inet
   User pctresearch   User pctresearch
  
Line 150: Line 153:
     ServerAliveCountMax 10000     ServerAliveCountMax 10000
 </code> </code>
 +:!: AddressFamily - Specifies which address family to use when connecting. Valid arguments are any (the default), inet (use IPv4 only), or inet6 (use IPv6 only). 
 +
 Usage of ssh connection Usage of ssh connection
 <code Dos> <code Dos>
-ssh pctresearch+ssh pctresearch
 </code> </code>
  
ssh_openssh_keys.1740064545.txt.gz · Last modified: 2025/02/21 00:15 by jianwu