SSH: Difference between revisions
Content added Content deleted
m (→Passwordless SSH Aunthentication: added) |
|||
| (4 intermediate revisions by the same user not shown) | |||
| Line 4: | Line 4: | ||
== Passwordless SSH Aunthentication == |
== Passwordless SSH Aunthentication == |
||
ssh-keygen [Press enter key 3 times] |
ssh-keygen [Press enter key 3 times] # Generate SSH key pair (public + private key) |
||
ssh-copy-id -i ~/.ssh/id_rsa.pub -p 2222 user@example.com |
ssh-copy-id -i ~/.ssh/id_rsa.pub -p 2222 user@example.com # Copy Public key to remote server |
||
user@example.com's password:xxxxxxxxxxx |
user@example.com's password:xxxxxxxxxxx |
||
ssh -p 2222 user@example.com |
ssh -p 2222 user@example.com # Test connectivity |
||
Alternative: |
;Alternative: |
||
Add the following to '''.bashrc''' file: |
Add the following to '''.bashrc''' file: |
||
| Line 43: | Line 43: | ||
sudo service sshd restart |
sudo service sshd restart |
||
== Password from LAN, Key from Internet == |
|||
Source: [https://ubuntuforums.org/showthread.php?t=1303735 ubuntuforums.org] |
|||
sudo nano /etc/ssh/sshd_config |
|||
# require a key for everybody |
|||
PasswordAuthentication no |
|||
# any member of the group 'downstairs' can log in without a key |
|||
# while connecting from the subnet |
|||
Match Address 192.168.0.0/16 Group downstairs |
|||
PasswordAuthentication yes |
|||
Latest revision as of 12:08, 2 July 2020
Secure Shell (SSH) Tips & Tricks:
Passwordless SSH Aunthentication
ssh-keygen [Press enter key 3 times] # Generate SSH key pair (public + private key) ssh-copy-id -i ~/.ssh/id_rsa.pub -p 2222 user@example.com # Copy Public key to remote server user@example.com's password:xxxxxxxxxxx ssh -p 2222 user@example.com # Test connectivity
- Alternative
Add the following to .bashrc file:
alias easyssh='sshpass -p passwd ssh user@example.com -p 2222'
But this may be a security issue as password can be found from logs & this file.
MySQL connection over SSH tunnel
ssh -f user@ssh.server.com -L 3307:mysql1.server.com:3306 -N
Then at localhost:
mysql -h 127.0.0.1 -P 3307 -u dbuser -p db
Use Key-less SSH login to skip password entry.
Copy files via SSH
scp -rp FILE_NAME USERNAME@HOST:DEST_PATH sshpass -p nsroot scp -rp nsroot@10.107.88.78:/nsconfig/ns.conf conf.txt
Disable SSH timeout
Completely disable SSH timeout
sudo nano /etc/ssh/sshd_config
TCPKeepAlive yes ClientAliveInterval 30 ClientAliveCountMax 99999
sudo service sshd restart
Password from LAN, Key from Internet
Source: ubuntuforums.org
sudo nano /etc/ssh/sshd_config
# require a key for everybody
PasswordAuthentication no
# any member of the group 'downstairs' can log in without a key
# while connecting from the subnet
Match Address 192.168.0.0/16 Group downstairs
PasswordAuthentication yes
{{#widget:DISQUS |id=networkm |uniqid=SSH |url=https://aman.awiki.org/wiki/SSH }}