SSH Access to Linux

SSH Access to Linux

Setting up SSH

To use root login add the following line anywhere in the sshd_config file. To edit this file enter:
vim /etc/ssh/sshd_config

When testing this I added it after UsePam yes around line 86

add:
PermitRootLogin yes

then restart ssh by:
systemctl restart sshd

To copy over ssh key to remote machine

Create a ssh key by running the following command:
I like to cd to the location I expect my keys to be.
cd ~/.ssh/
ssh-keygen -t rsa -b 4096
Hit enter a few times

now run ls -lah to confirm rsa_id is present in this directory.

Create a public key by running:
ssh-keygen -y -f id_rsa > id_rsa.pub

from host machine run:
ssh-copy-id -i ~/.ssh/id_rsa.pub {username}@(remote machine ip)

Example:
ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.1.10
this adds your key to a file on remote host:
~/.ssh/authorized_keys

You will now see authorized_keys file on remote machine with your key inside

Change sshd to allow key login vs user/password

Edit the sshd_config:
vim /etc/ssh/sshd_config

I like to set numbers by htting : and entering set number
:set number
Now you can see all the line numbers where you want to change/edit settings.
You can search using vim by enter / then the phrase you want to find.
/Password
Lets look for PasswordAuthentication yes (line 58 for me) change this to no as we want to use our key.
Change to the following by hitting the i key for insert:
PasswordAuthentication no

Look for /PublicKeyAuthentication yes this will be hashed out. Delete the hash symbol before the line.

hit esc and :wq write quit the settings.

Last lets restart ssh service.
systemctl restart ssh.service

SSH IS NOT EASY IVE FOUND... WTH

Troubleshooting

I have had annoying error where I keept getting key failure:
root@192.168.1.11: Permission denied (publickey).

Ended up clearing out the file (remove my key) on remove machine:
echo "" > ~/.ssh/authorized_keys

You will of course have to change ssh to allow password access again to do this:
vim /etc/ssh/sshd_config

Change to allow password:
PasswordAuthentication yes

Remember to restart the service.
systemctl restart ssh.service

On Local machine where you have your keys:
ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.1.10

change sshd settings back to test again:
vim /etc/ssh/sshd_config
PasswordAuthentication no
systemctl restart ssh.service

Other

Cool Ascii text generator for login panels:
http://patorjk.com/software/taag/#p=display&f=Graffiti&t=CoffeeHouse

Edit this by going to /etc/motd


Share Tweet Send
0 Comments
Loading...
You've successfully subscribed to Metristech
Great! Next, complete checkout for full access to Metristech
Welcome back! You've successfully signed in
Success! Your account is fully activated, you now have access to all content.