SSH

From Network Security Wiki


Secure Shell (SSH) Tips & Tricks:

Passwordless SSH Aunthentication

ssh-keygen  [Press enter key 3 times]                          # Generate SSH key pair (public + private key)
ssh-copy-id -i ~/.ssh/id_rsa.pub -p 2222 user@example.com      # Copy Public key to remote server
  user@example.com's password:xxxxxxxxxxx
ssh -p 2222 user@example.com                                   # Test connectivity
Alternative

Add the following to .bashrc file: 

alias easyssh='sshpass -p passwd ssh user@example.com -p 2222'

But this may be a security issue as password can be found from logs & this file.

MySQL connection over SSH tunnel

ssh -f user@ssh.server.com -L 3307:mysql1.server.com:3306 -N

Then at localhost: 

mysql -h 127.0.0.1 -P 3307 -u dbuser -p db

Use Key-less SSH login to skip password entry.


Copy files via SSH

scp -rp FILE_NAME USERNAME@HOST:DEST_PATH
sshpass -p nsroot scp -rp nsroot@10.107.88.78:/nsconfig/ns.conf conf.txt


Disable SSH timeout

Completely disable SSH timeout 

sudo nano /etc/ssh/sshd_config

  TCPKeepAlive yes
  ClientAliveInterval 30
  ClientAliveCountMax 99999

sudo service sshd restart

Password from LAN, Key from Internet

Source: ubuntuforums.org 

sudo nano /etc/ssh/sshd_config

# require a key for everybody
PasswordAuthentication no

# any member of the group 'downstairs' can log in without a key
# while connecting from the subnet 
Match Address 192.168.0.0/16 Group downstairs
    PasswordAuthentication yes


{{#widget:DISQUS |id=networkm |uniqid=SSH |url=https://aman.awiki.org/wiki/SSH }}

Retrieved from "https://aman.awiki.org/wiki/SSH?oldid=4296"