Difference between revisions of "Package talk:OpenSSH"

m (Threesixes moved page Talk:SSH to Package talk:OpenSSH: because heretics)
m (update info prepping to move to main article)
Line 4: Line 4:
 
on your client run
 
on your client run
 
<console>###i## ssh-keygen -t rsa</console>
 
<console>###i## ssh-keygen -t rsa</console>
then hit enter like 5 times to generate your key
+
Dialogs will be presented, you can press enter several times to accept defaults.
move the client ~/.ssh/id_rsa.pub to the server user your logging in as ~/.ssh/authorized_keys
+
 
 +
<code>~/.ssh/id_rsa.pub</code> will be generated.  Copy or append the contents of this file to the servers <code>~/.ssh/authorized_keys</code>
  
 
==== Server ====
 
==== Server ====
useradd a user
+
Create a user, or select which user the client will be accessing the server as,  then place clients id_rsa.pub file into the users <code>~/.ssh/authorized_keys</code>
 
+
then place clients id_rsa.pub file into the new users ~/.ssh/authorized_keys
+
  
 
==== Single Machine Testing ====
 
==== Single Machine Testing ====
 
<console>###i## ssh-keygen -t rsa</console>
 
<console>###i## ssh-keygen -t rsa</console>
enter 5 times
+
Press enter several times to accept default settings.
 
+
<console>###i## cp ~/.ssh/id_rsa.pub ~/.ssh/authorized_keys</console>
<console>###i## mv ~/.ssh/id_rsa.pub ~/.ssh/authorized_keys</console>
+
 
<console>###i## ssh localhost</console>
 
<console>###i## ssh localhost</console>
  
  
 
== Intrusion Prevention ==
 
== Intrusion Prevention ==
ssh is a commonly attacked service. [[sshguard]] & [[fail2ban]] monitor logs and black list remote users who have repeatedly failed to login.
+
ssh is a commonly attacked service. {{package|app-admin/sshguard}} monitors logs, and black list remote users who have repeatedly failed to login.

Revision as of 02:32, December 28, 2014

keys

Passwordless Authentication

Client

on your client run

# ssh-keygen -t rsa

Dialogs will be presented, you can press enter several times to accept defaults.

~/.ssh/id_rsa.pub will be generated. Copy or append the contents of this file to the servers ~/.ssh/authorized_keys

Server

Create a user, or select which user the client will be accessing the server as, then place clients id_rsa.pub file into the users ~/.ssh/authorized_keys

Single Machine Testing

# ssh-keygen -t rsa

Press enter several times to accept default settings.

# cp ~/.ssh/id_rsa.pub ~/.ssh/authorized_keys
# ssh localhost


Intrusion Prevention

ssh is a commonly attacked service. Package:Sshguard monitors logs, and black list remote users who have repeatedly failed to login.