Showing posts with label ssh. Show all posts

Friday, May 10, 2024

SSH login with key

Reference: 

https://www.digitalocean.com/community/tutorials/how-to-configure-ssh-key-based-authentication-on-a-linux-server 


Step 1 — Creating SSH Keys in Client

On your local computer, generate an SSH key pair by typing:

  ssh-keygen

Output
Generating public/private rsa key pair.
Enter file in which to save the key (/home/username/.ssh/id_rsa):

The utility will prompt you to select a location for the keys that will be generated. By default, the keys will be stored in the ~/.ssh directory within your user’s home directory. The private key will be called id_rsa and the associated public key will be called id_rsa.pub.

Step 2 — Copying an SSH Public Key to Your Server

The full command will look like this:

  cat ~/.ssh/id_rsa.pub | ssh username@remote_host "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"

You may see a message like this:

Output
The authenticity of host '203.0.113.1 (203.0.113.1)' can't be established.
ECDSA key fingerprint is fd:fd:d4:f9:77:fe:73:84:e1:55:00:ad:d6:6d:22:fe.
Are you sure you want to continue connecting (yes/no)? yes

This means that your local computer does not recognize the remote host. This will happen the first time you connect to a new host. Type yes and press ENTER to continue.
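
An added example, not from the referenced tutorial: the server-side half of the command above written as a function that refuses a private key, skips a key that is already installed, and sets the file modes sshd expects. The function name `install_pubkey` and the demo key are constructed for illustration.

```shell
# Added example: the server-side half of the Step 2 one-liner, with checks.
# install_pubkey PUBKEY_FILE [SSH_DIR]   (hypothetical helper name)
install_pubkey() {
    pubkey_file=$1
    ssh_dir=${2:-$HOME/.ssh}
    auth_file=$ssh_dir/authorized_keys

    [ -r "$pubkey_file" ] || { echo "cannot read $pubkey_file" >&2; return 1; }

    # Refuse a private key: it must never leave the client.
    if grep -q 'PRIVATE KEY' "$pubkey_file"; then
        echo "refusing: $pubkey_file looks like a private key" >&2
        return 2
    fi

    # Take the first non-empty line and require a known public key type.
    key_line=$(grep -v '^[[:space:]]*$' "$pubkey_file" | head -n 1)
    case $key_line in
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *|sk-*\ *) ;;
        *) echo "refusing: not an OpenSSH public key line" >&2; return 3 ;;
    esac

    # sshd's StrictModes (on by default) rejects authorized_keys when the
    # file or its directory is writable by group or others: set modes here.
    ( umask 077; mkdir -p "$ssh_dir" ) || return 4
    chmod 700 "$ssh_dir" || return 4
    ( umask 077; touch "$auth_file" ) || return 4

    # Append only if this exact line is not already present.
    if ! grep -qxF -- "$key_line" "$auth_file"; then
        printf '%s\n' "$key_line" >> "$auth_file" || return 4
    fi
    chmod 600 "$auth_file"
}

# Demo in a scratch directory with a constructed (non-functional) key line.
demo_dir=$(mktemp -d)
printf '%s\n' 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGNvbnN0cnVjdGVk demo@client' \
    > "$demo_dir/id_demo.pub"
install_pubkey "$demo_dir/id_demo.pub" "$demo_dir/.ssh" && ls -l "$demo_dir/.ssh"
rm -rf "$demo_dir"
```

Running it twice with the same key leaves a single entry in authorized_keys, unlike the plain `cat >>` append.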

Friday, September 11, 2020

rsync with a non-standard port

 rsync -avz -e "ssh -p $portNumber" user@remoteip:/path/to/files/ /local/path/

Thursday, March 5, 2020

Change ssh port for ubuntu

  1. Edit the sshd configuration file and set the Port option

    Type the following command:
    $ sudo vi /etc/ssh/sshd_config
    Locate the line that reads as follows:
    Port 22
    OR
    #Port 22
    To set the port to 2222, enter:
    Port 2222
  2. Update your firewall to accept SSH on port 2222

    If you are using UFW on an Ubuntu/Debian Linux, type:
    $ sudo ufw allow 2222/tcp
    The syntax for iptables is as follows:
    $ sudo /sbin/iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 2222 -j ACCEPT

  3. Restart the SSH service. If you are using Ubuntu/Debian/Mint Linux:
    $ sudo service ssh restart
Test
ssh xxxx.xxxx.xxxx.xxxx -p 2222

Monday, December 18, 2017

ssh login timeout but scp works

Problem:
ssh login timeout
scp and sftp work

Analysis:

scp and sftp working means port 22 works.

This was due to my router blocking TCP keepalive messages when I connected wirelessly (go figure).

Solution:
ssh my_server -o TCPKeepAlive=no

From the documentation:
TCPKeepAlive
  Specifies whether the system should send TCP keepalive messages
  to the other side. If they are sent, death of the connection or
  crash of one of the machines will be properly noticed.  However,
  this means that connections will die if the route is down
  temporarily, and some people find it annoying.  On the other hand,
  if TCP keepalives are not sent, sessions may hang indefinitely on
  the server, leaving "ghost" users and consuming server resources.

  The default is "yes" (to send TCP keepalive messages), and the
  server will notice if the network goes down or the client host
  crashes.  This avoids infinitely hanging sessions.

  To disable TCP keepalive messages, the value should be set to
  "no".

Thursday, October 19, 2017

ssh forward port to solve denied server port


Sometimes a port on the server is blocked from outside. When you want to access a web page served on that server, you can forward the remote port to a local port.

$ ssh -L16006:localhost:6006 user1@remote_server

With the service listening on port 6006 on the remote server, you can access it from the client via local port 16006.