Differences

This shows you the differences between two versions of the page.

how_to_use_ssh [2008/06/21 10:42]
80.45.94.56
how_to_use_ssh [2008/08/13 18:03] (current)
81.252.204.221
Line 1: Line 1:
 +====== How to use SSH ======
 +[[wp>SSH]] is a secure shell, mostly use for secure remote access.
 +
 +===== Installation =====
 +
 +Under [[Debian]], just install the following packages :
 + 
 +  sudo apt-get install ssh
 +
 +===== Access to a remote computer =====
 +
 +For example, if you want to access to tryphon.org's servers :
 +
 +  [user@host] ssh user@ssh.tryphon.org
 +  user@ssh.tryphon.org's password:
 +  Last login: Sun May 13 08:24:48 2002
 +  [user@ssh.tryphon.org user]$
 +
 +This will work only if you have a account on our server/remote computer ;-)
 +
 +===== The private/public key authentication =====
 +
 +The SSH protocol allow to akey authentication. To use it, you wil need to follow these two step :
 +
 +====  Create the private/public pair of keys. ====
 +
 +  [user@host user]$ ssh-keygen -t rsa
 +  Generating public/private rsa key pair.
 +  Enter file in which to save the key (/home/user/.ssh/id_rsa):
 +  Enter passphrase (empty for no passphrase):
 +  Enter same passphrase again:
 +  Your identification has been saved in /home/user/.ssh/id_rsa.
 +  Your public key has been saved in /home/user/.ssh/id_rsa.pub.
 +  The key fingerprint is:
 +  b3:fe:8f:95:8b:60:a5:c6:0c:37:73:1b:7c:30:ac:fd user@host
 +
 +==== Transmit the public key to the remote computer ====
 +
 +Just add the content of ''~/.ssh/id_rsa.pub'' to the remote file : ''~/.ssh/authorized_keys''. You should make it trough ssh :
 +
 +  [user@host user]$ cat .ssh/id_rsa.pub | ssh user@ssh.tryphon.org "chmod g-w ~/; mkdir -p .ssh; chmod 700 .ssh; cat - >> .ssh/authorized_keys2"
 +  The authenticity of host 'ssh.tryphon.org (x.x.x.x)' can't be established.
 +  RSA key fingerprint is 55:47:3a:d1:aa:c2:bd:96:3c:8e:4f:cc:c5:0e:33:d0.
 +  Are you sure you want to continue connecting (yes/no)? yes
 +  Warning: Permanently added 'ssh.tryphon.org' (RSA) to the list of known hosts.
 +  user@ssh.tryphon.org's password:
 +
 +You can check right of your ''.ssh'' directory to avoid security problem :
 +
 +  [user@ssh.tryphon.org] ll -d . .ssh .ssh/*
 +  drwxr-xr-x    6 user    user        4096 May 13 11:26 .
 +  drwx------    2 user    user        4096 May  8 11:10 .ssh
 +  -rw-------    1 user    user         240 Jan 15 15:03 .ssh/authorized_keys2
 +  -rw-r--r--    1 user    user         221 May  8 10:16 .ssh/known_hosts
 +  -rw-r--r--    1 user    user         461 Feb 20 16:11 .ssh/known_hosts2
 +
 +===== Use an alternate port for SSH =====
 +
 +To avoid ssh scaning and continuous authentification attempts,
 +you can configure your ssh server to listen on another port than the default port 22.
 +
 +There is the configuration changes to listen on port 1234 (but choose our own port).
 +
 +==== Server setup ====
 +
 +in ''/etc/ssh/sshd_config'', add :
 +
 +  Port 1234
 +
 +Remove the default port 22 **after testing the alternative port**.
 +
 +==== Client setup ====
 +
 +To use the alternative port, use the ssh -p option :
 +
 +  ssh -p 1234 user@sshserver
 +
 +You can configure this option in your ssh client configuration.
 +
 +In ''~/.ssh/config'' or ''/etc/ssh/ssh_config'', add :
 +
 +  Host sshserver
 +  Port 1234
 +
 +
 +
 +===== Links =====
 +
 +  * [[http://www.openssh.org|OpenSSH]]
 +  * [[http://www.browsershell.com|Web based SSH]]
 
how_to_use_ssh.txt · Last modified: 2008/08/13 18:03 by 81.252.204.221
 
Except where otherwise noted, content on this wiki is licensed under the following license:CC Attribution-Noncommercial-Share Alike 3.0 Unported
Recent changes RSS feed Donate Powered by PHP Valid XHTML 1.0 Valid CSS Run by Debian Driven by DokuWiki