Contents
Setting Up Server
E.g. linuxize.com/post/how-to-enable-ssh-on-ubuntu-18-04/
1) Installation
$ sudo apt update
$ sudo apt install openssh-server
This enables server and remote users can immediately login using the users already configured on server.
2) Check it’s running
sudo systemctl status ssh
3) Ubuntu comes with a firewall configuration tool called UFW. If the firewall is enabled on your system, make sure to open the SSH port:
sudo ufw allow ssh
More
To stop:
sudo systemctl stop ssh
To start:
sudo systemctl start ssh
To disable the SSH service to start during system boot run:
sudo systemctl disable ssh
To enable it again type:
sudo systemctl enable ssh
Logging In
ssh user@host
enter password
Using Key Pairs
Create Key Pair
ssh-keygen -t rsa
Add PUBLIC to Remote Host (Server)
First, copy (‘install’) PUBLIC key on the remote host
localhost$ ssh-copy-id -i id_rsa.pub <user@host>
EXAMPLE:
bobby$ ssh-copy-id -i id_rsa.pub bobby@172.16.126.134
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
bobby@172.16.126.134's password:
<entering password for user @ host>
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'user@host'"
and check to make sure that only the key(s) you wanted were added.
$ ssh user@host
Using PRIVATE to Connect
ssh -i id_rsa user@host
EXAMPLE
bobby$ ssh -i id_rsa bobby@172.16.126.134 Enter passphrase for key 'id_rsa': Welcome to ... bobby@ubuntu:~$
NOTE: Now, it’s NOT the password for the USER (at the host) but the password for the RSA key.
Add PRIVATE Key to Local Agent
To avoid having to enter password.
bobby$ ssh-add -l The agent has no identities. bobby$ ssh-add id_rsa Enter passphrase for id_rsa: Identity added: id_rsa (id_rsa) bobby$ ssh-add -l 2048 SHA256:6baeckDpXBUdnkmbMWqEu5dSVtLMN36/RRYxaxe2a+d id_rsa (RSA) bobby@172.16.126.134 Welcome to Ubuntu ... bobby@ubuntu:~$
(Now no requesting of password.)
Verify Pair Belongs To Each Other
google.com/search?q=verify+ssh+key+pair
bobby$ diff <(ssh-keygen -y -e -f id_rsa.pub) <(ssh-keygen -y -e -f ../bobby-id_rsa )
(empty output, no differences indicated by diff command means pair belongs to each other)
NOTE- the below actually ONLY uses the .pub file (…. or….?)
Using -l option:
“-l Show fingerprint of specified public key file. For RSA and DSA keys ssh-keygen tries to find the matching public key file and
prints its fingerprint. If combined with -v, a visual ASCII art representation of the key is supplied with the fingerprint.”
bobby$ ssh-keygen -l -f id_rsa
2048 SHA256:1bzgykDpXBUdnkmbMWqEu5dSVtLMN36/RReZhcD1z+s bobby@Bobbis-MacBook-Pro.local (RSA)
bobby$ ssh-keygen -l -f id_rsa.pub
2048 SHA256:1bzgykDpXBUdnkmbMWqEu5dSVtLMN36/RReZhcD1z+s bobby@Bobbis-MacBook-Pro.local (RSA)