ssh setup2018.02.13 [Ubuntu 16.04] - My minimal todo's after openssh-server installation. Note that below setup can cause some security implecations.
Client sideClient ssh public key needs registered to the server by doing something like:
% ssh [email protected]_SERVER_IP "echo `cat ~/.ssh/PUBKEY_FILENAME` >> ~/.ssh/authorized_keys"
. Also configure ssh as below for easier log-on:
~/.ssh/configHost mysshserver HostName SERVER_HOSTNAME User USERNAME IdentityFile ~/.ssh/SECRET_KEY_FILENAME
, so ssh log-on can be done by doing:
% ssh mysshserver
. Alternatively, the key file can be specified on the commmand line:
% ssh [email protected]_SERVER_IP -i ~/.ssh/SECRECTKEY_FILENAME
PasssharePrivate key can be protected by a passshare and if so it needs to be unlocked with every ssh logon with the key. Below command can handle it for you, although this is less secure.
% ssh-add ~/.ssh/id_rsa
Server sideModify sshd config as below to 1) disable password authentication, 2) enable public key authentication, and optinoally, even 3) change port number for more security.
/etc/ssh/sshd_config: Port 22 : #PasswordAuthentication yes : PubkeyAuthentication no :
/etc/ssh/sshd_config: Port 8022 # or any allocatable number. Optional. : PasswordAuthentication no # note: uncommented : PubkeyAuthentication yes :