SSH - Secure Shell #

Enabling SSH #

sudo apt update && sudo apt install openssh-server
sudo systemctl status ssh
sudo ufw allow ssh

Disabling SSH #

sudo systemctl disable --now ssh

Re-enable SSH #

sudo systemctl enable --now ssh

Disable password authentication in SSH #

sudo nano /etc/ssh/sshd_config
PasswordAuthentication no
sudo systemctl restart ssh

Create an RSA key pair #

ssh-keygen -t rsa

Correct file permissions for ssh keys and config #

ssh-keygen -t rsa -b 4096 -N '' -C "" -f ~/.ssh/id_rsa
ssh-keygen -t rsa -b 4096 -N '' -C "" -f ~/.ssh/github_rsa
ssh-keygen -t rsa -b 4096 -N '' -C "" -f ~/.ssh/mozilla_rsa
chmod 700 ~/.ssh
chmod 644 ~/.ssh/authorized_keys
chmod 644 ~/.ssh/known_hosts
chmod 644 ~/.ssh/config
chmod 600 ~/.ssh/id_rsa
chmod 644 ~/.ssh/

chmod 600 ~/.ssh/github_rsa
chmod 644 ~/.ssh/

chmod 600 ~/.ssh/mozilla_rsa
chmod 644 ~/.ssh/

ssh-agent #

eval "$(ssh-agent -s)"
ssh-add ~/.ssh/id_rsa
ssh-add ~/.ssh/github_rsa
ssh-add ~/.ssh/mozilla_rsa

Convert OpenSSH keys to Putty (.ppk) #

sudo apt install putty-tools
puttygen -t rsa -C ~/.ssh/id_rsa -o ~/.ssh/id_rsa.ppk


cd ~/.ssh/
puttygen id_rsa -o id_rsa.ppk

Custom cert #

ssh -i ~/.ssh/id_demo

.ssh/config #

Host demo
    User demo
    Port 7654
    IdentityFile ~/.ssh/id_demo
    LogLevel INFO
    Compression yes

Copy the public key file to your account on the remote system #

ssh-copy-id -i ~/.ssh/ <server-user>@<server-public-ip-address>

with non-standard SSH Port #

ssh -o StrictHostKeyChecking=no deploy@${HOST} -p ${PORT} 'rm -rf site_${BUILD_NUMBER} && mkdir site_${BUILD_NUMBER}'
Edit Edit this page