Difference between revisions of "User:Scott/09"
Jump to navigation
Jump to search
(5 intermediate revisions by the same user not shown) | |||
Line 9: | Line 9: | ||
Resources [[user:scott/07]] | Resources [[user:scott/07]] | ||
Notes [[user:scott/08]] | Notes [[user:scott/08]] | ||
− | SSH | + | Open-SSH [[user:scott/09]] |
{{TOC limit|limit=1}} | {{TOC limit|limit=1}} | ||
Line 30: | Line 30: | ||
==Secure-Copy from local-host to scott@foyer== | ==Secure-Copy from local-host to scott@foyer== | ||
+ | |||
+ | *Example syntax (scp) | ||
+ | *http://www.hypexr.org/linux_scp_help. | ||
+ | |||
$ tar zvcf scott-laptop-photos.tar.gz /path/to/pictures | $ tar zvcf scott-laptop-photos.tar.gz /path/to/pictures | ||
Line 40: | Line 44: | ||
[[#top|top]] | [[#top|top]] | ||
− | =SSH Fundamentals= | + | =open-SSH Fundamentals= |
+ | http://www.youtube.com/watch?v=xLpVFLchF4o | ||
==Install SSH== | ==Install SSH== | ||
Line 110: | Line 115: | ||
*SSH keys allow authentication between two hosts without the need of a password | *SSH keys allow authentication between two hosts without the need of a password | ||
− | ==Generate keys== | + | ==Generate keys on Linux== |
===on local machine do:=== | ===on local machine do:=== | ||
ssh-keygen -t rsa | ssh-keygen -t rsa | ||
Line 117: | Line 122: | ||
===copy "Public Key" ---> To Remote Server=== | ===copy "Public Key" ---> To Remote Server=== | ||
+ | |||
scp ~/.ssh/id_rsa.pub user@remote:~/.ssh/my_key | scp ~/.ssh/id_rsa.pub user@remote:~/.ssh/my_key | ||
Line 124: | Line 130: | ||
by entering: | by entering: | ||
ssh-copy-id username@remotehost | ssh-copy-id username@remotehost | ||
+ | |||
+ | |||
+ | =Use Putty for Windows= | ||
+ | ==Download Putty== | ||
+ | http://www.chiark.greenend.org.uk/~sgtatham/putty/ | ||
+ | ==PuTTYgen == | ||
+ | select SSH-2 RSA - change from 1024 to 2048 | ||
+ | click generate | ||
+ | |||
+ | type in password | ||
+ | save private key | ||
+ | |||
+ | open pageant and add your key | ||
+ | |||
+ | go back to the server | ||
+ | change password authentication = yes | ||
+ | then we can get in via putty to copy the public key | ||
+ | |||
+ | then ssh into server with password | ||
+ | |||
+ | ===copy "Public Key" ---> To Remote Server=== | ||
+ | after ssh into server with password | ||
+ | |||
+ | ~$ cd .ssh | ||
+ | ~/.ssh$ nano authorized_keys | ||
+ | |||
+ | copy key and paste into authorized_keys | ||
+ | |||
+ | go back to the server(you can ssh in now) | ||
+ | change password authentication = no | ||
+ | re-start ssh | ||
+ | |||
+ | ==go back to PuTTY to save session== | ||
+ | click on ssh ---> auth and browse for key |
Latest revision as of 16:52, 26 November 2011
Notes -------------------------------- Home Page user:scott Tech Support user:scott/02 Dir & Files user:scott/03 Network user:scott/04 Troubleshoot user:scott/05 Laptops user:scott/06 Resources user:scott/07 Notes user:scott/08 Open-SSH user:scott/09
SSH to Talon
transfer to foyer, and then to talon.
$ ssh-keygen
$ ssh scott@foyer.freegeek.org - Debug: $ ssh -vvv scott@foyer.freegeek.org 2> ssh-debug.out
$ ssh scott@talon $ ls /usr/local/laptop-eval/ $ sftp://scott@talon/home/scott/laptop-eval
Secure-Copy from local-host to scott@foyer
- Example syntax (scp)
- http://www.hypexr.org/linux_scp_help.
$ tar zvcf scott-laptop-photos.tar.gz /path/to/pictures $ scp scott-laptop-photos.tar.gz scott@foyer.freegeek.org:~
Secure-Copy from scott@foyer to scott@talon
$ scp scott-laptop-photos.tar.gz talon:/usr/local/laptop-eval/photos/
open-SSH Fundamentals
http://www.youtube.com/watch?v=xLpVFLchF4o
Install SSH
sudo apt-get install openssh-client sudo apt-get install openssh-server
Test ssh install
ssh localhost
configure the OpenSSH server
/etc/ssh/sshd_config man sshd_config
copy the original file and protect it from writing
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.original sudo chmod a-w /etc/ssh/sshd_config.original
Configure sshd_config
gksudo gedit /etc/ssh/sshd_config
add the following directives /etc/ssh/sshd_config
#sjnChangedPort = 443 #Port 22 Port 443
#sjnChangedServerKeyBits #ServerKeyBits 768 ServerKeyBits 2048
#sjnChangeLogLevel #LogLevel INFO LogLevel VERBOSE
#sjnChangeLogInGraceTime = 120 LoginGraceTime 1m
#sjnChangeRootLogin = yes PermitRootLogin no
#sjnAuthorizedKeysFile #AuthorizedKeysFile %h/.ssh/authorized_keys
#sjnChangePasswordAuthentication = yes PasswordAuthentication no (then add public key to client)
#sjnChangeBanner (later) #Banner /etc/issue.net #Banner /home/scott/sshxxx.txt
#sjnChangePAM #UsePAM yes UsePAM no
start/stop/restart sshd
sudo /etc/init.d/ssh start sudo service ssh start
sudo /etc/init.d/ssh stop sudo service ssh stop
sudo /etc/init.d/ssh restart sudo service ssh restart
Authentication
- SSH keys allow authentication between two hosts without the need of a password
Generate keys on Linux
on local machine do:
ssh-keygen -t rsa ~/.ssh/id_rsa (private key) ~/.ssh/id_rsa.pub (public key)
copy "Public Key" ---> To Remote Server
scp ~/.ssh/id_rsa.pub user@remote:~/.ssh/my_key
append id_rsa.pub to ~/.ssh/known_hosts by entering: ssh-copy-id username@remotehost
Use Putty for Windows
Download Putty
http://www.chiark.greenend.org.uk/~sgtatham/putty/
PuTTYgen
select SSH-2 RSA - change from 1024 to 2048 click generate type in password save private key
open pageant and add your key
go back to the server change password authentication = yes then we can get in via putty to copy the public key
then ssh into server with password
copy "Public Key" ---> To Remote Server
after ssh into server with password
~$ cd .ssh ~/.ssh$ nano authorized_keys copy key and paste into authorized_keys go back to the server(you can ssh in now) change password authentication = no re-start ssh
go back to PuTTY to save session
click on ssh ---> auth and browse for key