ssh

Secure Shell.

Usage

Execute a command on the remote host

Generally, this is done with

ssh user@ip "cmd"

or

ssh user@ip "cmd1;cmd2;cmd3;...;cmdn"

to execute multiple commands one after another.

Configuration

First, check for existing SSH keys

ls ~/.ssh

If no files are present, generate new SSH keys. Several key types are available, but ed25519 is preferred.

ssh-keygen -t ed25519

By default, keys are placed in ~/.ssh.

In general, after changing configuration settings like the ones below, remember to restart the ssh service with

sudo systemctl restart ssh

Enable key authentication

sudo nano /etc/ssh/sshd_config

Set

PubkeyAuthentication    yes

Copy the generated public key to the server, running this on the client you wish to connect from

ssh-copy-id username@ip-address

Once that succeeds, password authentication can be disabled so that authentication only happens through SSH keys.

Change the following lines so that they read

ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no

Allow / Deny users

Specific users can be allowed or denied by adding these lines

AllowUsers alice bob
DenyUsers jane john

Change port

The default port 22 can be changed by editing #Port 22 to Port X. Ports range from 0 to 65535, and ports 0 to 1023 are reserved for privileged services. Because many ports above 1023 are also used by known applications, it is a good idea to check whether the chosen port is already in use.

X11 forwarding

X11Forwarding should be disabled for security reasons as well.
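
The settings above can be checked in one pass. The script below is an added example, not part of the original notes: it reads an sshd_config-style file and reports whether each keyword from this page has the value recommended here. The function names and the sample file are constructed for illustration. It assumes whitespace-separated "Keyword value" lines, does not follow Include files, and only reads the global section before the first Match block.

```shell
# Added example: audit an sshd_config against the settings used on this page.

# effective_value FILE KEYWORD -> first global value of KEYWORD, lowercased.
# sshd keeps the first value it reads for a keyword; keywords are case-insensitive.
effective_value() {
  awk -v want="$(printf '%s' "$2" | tr 'A-Z' 'a-z')" '
    /^[ \t]*(#|$)/  { next }                     # comments and blank lines
    { key = tolower($1) }
    key == "match"  { exit }                     # conditional blocks: out of scope
    key == want     { print tolower($2); exit }  # first occurrence wins
  ' "$1"
}

# audit_sshd_config FILE -> one line per keyword; exit status = number of failures.
# An unset keyword counts as a failure: the result would depend on the build default.
audit_sshd_config() {
  fails=0
  while read -r key want; do
    got=$(effective_value "$1" "$key")
    if [ "$got" = "$want" ]; then
      echo "OK    $key $got"
    else
      echo "FAIL  $key is '${got:-unset}', expected '$want'"
      fails=$((fails + 1))
    fi
  done <<'EOF'
PubkeyAuthentication yes
PasswordAuthentication no
ChallengeResponseAuthentication no
UsePAM no
X11Forwarding no
EOF
  return "$fails"
}

# Constructed sample: a commented-out line and a duplicate keyword.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#PasswordAuthentication no
PubkeyAuthentication yes
PasswordAuthentication yes
passwordauthentication no
ChallengeResponseAuthentication no
UsePAM no
X11Forwarding no
EOF
audit_sshd_config "$sample" || echo "$? setting(s) differ from the page"
```

On a live host, sudo sshd -t checks the file for syntax errors before the restart, and sudo sshd -T prints the settings sshd will actually use, including defaults and Include files.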
