====== SSH ====== ===== SSH Configuration ===== ==== SSH Daemon ==== Config File: ''/etc/ssh/sshd_config'' \\ \\ Allow root login to server PermitRootLogin yes \\ ==== SSH Client ==== Config File: ''/etc/ssh/ssh_config'' \\ \\ Do not use the '~' escape character EscapeChar none This can also be achived by ''ssh //-e none// @'' \\ ===== General SSH Functions ===== ==== SSH to remote host without entering password ==== Generate a private key if not already done. This can be achived with the ''//ssh-keygen//'' command. Should a key already exist, you'll get warned and can abort. srohr@pidev01:~ $ ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/home/srohr/.ssh/id_rsa): /home/srohr/.ssh/id_rsa already exists. Overwrite (y/n)? n srohr@pidev01:~ $ \\ Create a new key. srohr@pidev01:~ $ ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/home/srohr/.ssh/id_rsa): Created directory '/home/srohr/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/srohr/.ssh/id_rsa Your public key has been saved in /home/srohr/.ssh/id_rsa.pub The key fingerprint is: SHA256:KGwUqdYbQVXRG2bnM4NifhhHixn0QjYgB6wMUPr0xj8 srohr@pidev01 The key's randomart image is: +---[RSA 3072]----+ |o..o=+++Bo | |.. ++ o.o* . | |.o.+.. .B.B | | o==o .*.= = | | .. Bo.oS= + | | o.o o . | | E . | | . | | | +----[SHA256]-----+ srohr@pidev01:~ $ \\ On your client, use the ''//ssh-copy-id//'' command to copy your public key to the server you want to connect to. srohr@mars:~$ ssh-copy-id srohr@192.168.16.6 /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys srohr@192.168.16.6's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'srohr@192.168.16.6'" and check to make sure that only the key(s) you wanted were added. srohr@mars:~$ \\ It is now possible to ssh to the remote machine without entering a password. srohr@mars:~$ ssh srohr@192.168.16.6 Linux pidev01 6.1.0-rpi7-rpi-v8 #1 SMP PREEMPT Debian 1:6.1.63-1+rpt1 (2023-11-24) aarch64 The programs included with the Debian GNU/Linux system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. Last login: Fri Dec 15 10:17:26 2023 from 192.168.16.15 srohr@pidev01:~ $