Difference between revisions of "Package talk:OpenSSH"

From Funtoo
Jump to navigation Jump to search
m (Threesixes moved page Talk:SSH to Package talk:OpenSSH: because heretics)
m (update info prepping to move to main article)
Line 4: Line 4:
on your client run
on your client run
<console>###i## ssh-keygen -t rsa</console>
<console>###i## ssh-keygen -t rsa</console>
then hit enter like 5 times to generate your key
Dialogs will be presented, you can press enter several times to accept defaults.
move the client ~/.ssh/id_rsa.pub to the server user your logging in as ~/.ssh/authorized_keys
 
<code>~/.ssh/id_rsa.pub</code> will be generated.  Copy or append the contents of this file to the servers <code>~/.ssh/authorized_keys</code>


==== Server ====
==== Server ====
useradd a user
Create a user, or select which user the client will be accessing the server as,  then place clients id_rsa.pub file into the users <code>~/.ssh/authorized_keys</code>
 
then place clients id_rsa.pub file into the new users ~/.ssh/authorized_keys


==== Single Machine Testing ====
==== Single Machine Testing ====
<console>###i## ssh-keygen -t rsa</console>
<console>###i## ssh-keygen -t rsa</console>
enter 5 times
Press enter several times to accept default settings.
 
<console>###i## cp ~/.ssh/id_rsa.pub ~/.ssh/authorized_keys</console>
<console>###i## mv ~/.ssh/id_rsa.pub ~/.ssh/authorized_keys</console>
<console>###i## ssh localhost</console>
<console>###i## ssh localhost</console>




== Intrusion Prevention ==
== Intrusion Prevention ==
ssh is a commonly attacked service. [[sshguard]] & [[fail2ban]] monitor logs and black list remote users who have repeatedly failed to login.
ssh is a commonly attacked service. {{package|app-admin/sshguard}} monitors logs, and black list remote users who have repeatedly failed to login.

Revision as of 02:32, December 28, 2014

keys

Passwordless Authentication

Client

on your client run 

root # ssh-keygen -t rsa

Dialogs will be presented, you can press enter several times to accept defaults.

~/.ssh/id_rsa.pub will be generated. Copy or append the contents of this file to the servers ~/.ssh/authorized_keys

Server

Create a user, or select which user the client will be accessing the server as, then place clients id_rsa.pub file into the users ~/.ssh/authorized_keys

Single Machine Testing

root # ssh-keygen -t rsa

Press enter several times to accept default settings. 

root # cp ~/.ssh/id_rsa.pub ~/.ssh/authorized_keys
root # ssh localhost


Intrusion Prevention

ssh is a commonly attacked service. app-admin/sshguard monitors logs, and black list remote users who have repeatedly failed to login.

Retrieved from "https://www.funtoo.org/index.php?title=Package_talk:OpenSSH&oldid=7840"