Changes

Jump to navigation Jump to search

Linux: SSH (view source)

Revision as of 00:37, 24 April 2015

2,052 bytes added ,  00:37, 24 April 2015
no edit summary
Line 1: Line 1:  +
SSH stands for Secure Shell. Establishes a secure communication between 2 computers.<br />
 +
== Create a key pair ==
 +
To create a key pair for the ssh:
 +
ssh-keygen -t rsa -C "your_email@example.com"
 +
To convert the key pair to PEM format:
 +
ssh-keygen -e -f id_rsa.pub > yourfilename.pub
 +
-i is the inverse of the -e switch
 +
== Add the key to the ssh-agent ==
 +
eval "$(ssh-agent -s)"
 +
ssh-add ~/.ssh/id_rsa
 +
== View key information ==
 +
ssh-keygen -l -f id_rsa.pub
 +
Returns something like: 2048 3f:4b:dd:ce:2b:cd:dc:99:13:ff:38:4a:24:95:d4:e9  rafahsolis@gmail.com (RSA)
 +
== ssh tunneling ==
 +
This is used for example to connect to a database on a server that has the database port closed but ssh port open.<br />
 +
*ssh -N -L localport:remotehost:remoteport remoteuser@remotehost
 +
Example:
 +
ssh -i .ssh/MySshKey.pem -N -L 8888:localhost:3306 ubuntu@myserver.com
 +
This will tunnel local port 8888 to the remote port 3306 (MySQL port) So you would be able to connect to<br />
 +
the database on myserver.com using your local port 8888.<br />
 +
(*) -N tells ssh that you won't execute any commands on the ssh shell.<br />
 +
=== Check/close open tunnels ===
 +
<nowiki>
 +
netstat -n --protocol inet | grep ':22'
 +
sudo lsof -i -n | egrep '\<ssh\>'
 +
sudo lsof -i -n | egrep '\<sshd\>'</nowiki>
 +
 +
'''To close open tunnels'''<br />
 +
kill using the pattern:
 +
kill pkill -f my_ssh_key.pem 
 +
'''To see what it will kill'''
 +
ps aux | grep my_ssh_key.pem
 +
 +
== Configuration ==
 +
Edit the following files to configure ssh<br />
 +
(Message of the Day)
 +
*/etc/motd
 +
Other settings:
 +
*/etc/ssh/sshd_config
 +
Recomended: Disable password login
 +
 +
== Videos ==
 +
[https://www.dropbox.com/s/uxng22kpge7luxf/SSH%20Tutorial%20-%20Basic%20server%20administration%20with%20SSH-DbPDraCYju8.mp4?dl=0 SSH Tutorial Basic server administration with SSH (mp4)]<br />
 +
[https://www.dropbox.com/s/hzvkdcdw11t1cxk/SSH%20SCP%20and%20key%20pairs%20tutorial%20%28Secure%20authentication%20and%20encrypted%20comunication%29-oHoRYCY-LYU.mp4?dl=0 SSH SCP and key pairs tutorial Secure authentication and encrypted comunication (mp4)]
 +
 
== Config file ==
 
== Config file ==
 
sudo nano /etc/ssh/sshd_config
 
sudo nano /etc/ssh/sshd_config
Retrieved from "https://wiki.herrerosolis.com/index.php/Special:MobileDiff/520"

Navigation menu