Difference between revisions of "OpenSSH"

From wikieduonline
Jump to navigation Jump to search
Line 32: Line 32:
 
* [[Configure OpenSSH to reuse ssh connections]] (<code>ControlMaster</code>)
 
* [[Configure OpenSSH to reuse ssh connections]] (<code>ControlMaster</code>)
 
* Generate a public Key from a private Key: <ref>https://serverfault.com/questions/52285/create-a-public-ssh-key-from-the-private-key</ref><code>[[ssh-keygen]] -f ~/.ssh/id_rsa -y > ~/.ssh/id_rsa.pub</code> (example for RSA keys but can be applied to other key types)
 
* Generate a public Key from a private Key: <ref>https://serverfault.com/questions/52285/create-a-public-ssh-key-from-the-private-key</ref><code>[[ssh-keygen]] -f ~/.ssh/id_rsa -y > ~/.ssh/id_rsa.pub</code> (example for RSA keys but can be applied to other key types)
* [[Configure OpenSSH to allow Public-key authentication]]<ref>https://www.digitalocean.com/community/tutorials/how-to-configure-ssh-key-based-authentication-on-a-linux-server</ref>
+
* [[Configure OpenSSH to allow Public-key authentication]] (<code>authorized_keys</code>)<ref>https://www.digitalocean.com/community/tutorials/how-to-configure-ssh-key-based-authentication-on-a-linux-server</ref>
 
* [[/Activate SSH on macos/]]: <code>sudo systemsetup -setremotelogin on</code>
 
* [[/Activate SSH on macos/]]: <code>sudo systemsetup -setremotelogin on</code>
  

Revision as of 12:30, 26 December 2019

OpenSSH is a popular suite of software utilities implementing Secure Shell (SSH) protocol. OpenSSH includes the ability to set up a TCP secured channel and it is widely use as a replacement for not secured telnet and secure replacement of file transfers such as rcp and ftp. OpenSSH offers a great number of features including ssh session multiplexing. [1][2]


The OpenSSH suite includes the following command-line utilities and daemons:

  • ssh, ssh client and TCP secure replacement for <templatestyles src="Mono/styles.css" />rlogin, <templatestyles src="Mono/styles.css" />rsh and <templatestyles src="Mono/styles.css" />telnet to allow shell access to a remote machine.
  • scp, a replacement for <templatestyles src="Mono/styles.css" />rcp (Unix)
  • <templatestyles src="Mono/styles.css" />sftp, a replacement for <templatestyles src="Mono/styles.css" />ftp to copy files between computers
  • sshd, the SSH server daemon which allows shell access and file transfers to a remote machine.
  • ssh-keygen, a tool to inspect and generate the RSA, DSA and Elliptic Curve keys that are used for user and host authentication
  • ssh-agent and ssh-add, utilities to ease authentication by holding keys ready and avoid the need to enter passphrases every time they are used
  • ssh-keyscan, which scans a list of hosts and collects their public keys
  • ssh-copy-id, copy local keys to remote machine.

Readings

ssh clients

OpenSSH includes an ssh client:ssh. Others clients are available such us putty, mosh, paramiko and autossh[3].

autossh[4] main feature not include in OpenSSH ssh client is the capability to monitor an ssh connection and restart it if necessary.

  • Loop waiting to connect to server: AUTOSSH_POLL=5 AUTOSSH_GATETIME=0 autossh -M 0 -o ServerAliveInterval=5 -o ServerAliveCountMax=1 YOUR_SERVER_NAME_OR_IP

Ssh clients in Linux are frequently executed inside a terminal or using any kind of terminal multiplexer such as tmux or screen.

Activities

Basic

Intermediate

  • Learn about different client connection options, such us: -oBatchMode=yes or -o ConnectTimeout=2[7]
  • Connect to remote server temporarily turning off host key checking, (security implications): ssh -oStrictHostKeyChecking=no SERVER_NAME

Advanced

  1. Read ssh documentation about multiplexing https://en.wikibooks.org/wiki/OpenSSH/Cookbook/Multiplexing and its implementation details: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL.mux?annotate=HEAD
  2. Configure ssh session multiplexing
  3. Use ProxyJump directive to connect using a "Jump Server"[8]
  4. Run a shell script on a remote machine using ssh: ssh root@MachineB 'bash -s' < local_script.sh[9]. See also: parallel
  5. Read https://github.com/openssh/openssh-portable source code

See also

Text is available under the Creative Commons Attribution-ShareAlike License; additional terms may apply. By using this site, you agree to the Terms of Use and Privacy Policy.

Original source: https://en.wikiversity.org/wiki/OpenSSH

  1. https://en.wikibooks.org/wiki/OpenSSH/Cookbook/Multiplexing
  2. https://stackoverflow.com/questions/20410252/how-to-reuse-an-ssh-connection
  3. https://linux.die.net/man/1/autossh
  4. https://linux.die.net/man/1/autossh
  5. https://serverfault.com/questions/52285/create-a-public-ssh-key-from-the-private-key
  6. https://www.digitalocean.com/community/tutorials/how-to-configure-ssh-key-based-authentication-on-a-linux-server
  7. https://linux.die.net/man/1/ssh
  8. https://en.wikibooks.org/wiki/OpenSSH/Cookbook/Proxies_and_Jump_Hosts#Passing_Through_One_or_More_Gateways_Using_ProxyJump
  9. https://stackoverflow.com/a/2732991
  10. https://github.com/yrutschle/sslh
  11. https://serverfault.com/a/608976
Retrieved from "https://www.wikieduonline.com/index.php?title=OpenSSH&oldid=3681"

Advertising: