ssh setup

Below are some hints on setting up SSH for a new remote machine

On local machine, do the following:

ssh-copy-id remote_username@server_ip_address

to copy public key to server.

Or we can manually copy to ~/.ssh/authorized_keys on the remote server

cat ~/.ssh/id_rsa.pub | ssh remote_username@server_ip_address "mkdir -p ~/.ssh && chmod 700 ~/.ssh && cat >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys"

If the key type is different, the filename needs to be adjusted accordingly. Use
ls ~/.ssh/id_*
to find the public key file

Config File

We can change the sshd_config file often in /etc/ssh:

Disable Password Configuration

PasswordAuthentication no

In sshd_config

PermitRootLogin no

Note that if the .ssh/authorized_keys is for the root account rather than user account, this can lock you out of SSH!
In this case, we can do the following:
su - youruser # change user if am root
mkdir -p ~/.ssh
cat /root/.ssh/authorized_keys >> ~/.ssh/authorized_keys
Also be careful about the permission of ~/.ssh/authorized_keys

Restart SSH Demon

Note that if we mode change to sshd_config file, we need to restart ssh daemon. On Ubuntu, we need to do

sudo systemctl restart ssh

Lesley's Digital Garden

Explorer

ssh setup

Config File

Disable Password Configuration

Restart SSH Demon

Graph View

Table of Contents

Lesley's Digital Garden

Explorer

ssh setup

Setup Passwordless Login

Config File

Disable Password Configuration

Disable Root Login

Restart SSH Demon

Graph View

Table of Contents