torstai 29. elokuuta 2013

Setup SSH server and automatic login

If you need to acces your server remotely ssh is best for it. Start by upgrading your repositories

sudo apt-get update

then install openssh-server

sudo apt-get install -y openssh-server

Now type ssh localhost to see if the demon is working. If it asks fingerprint then everything is okay. Select yes if you are going to use ssh later. Now if it asks password and you see yourname@ubuntu:~$ or the basic terminal text you have now just succesfully logged in. There should also be the default welcome screen in terminal window.






If you did'nt get the fingerprint thing it is possible that you don't have account name yet (for example if you are using live-cd) Add a new user with  sudo adduser. Now you can test to log on to the computer with ssh yourname@localhost and it should work out of the box because every user has ssh settings by default. If this worked now try to log on from another computer (if you have computers in the same network). Exit from ssh with simple command exit


If you want to ssh outside from your network you need to setup your firewall correctly. This is more complicated thing and I suggest you to look more information from http://portforward.com/

Setting up ssh automatic login

ssh to your new user for example ssh seppo@localhost
Create new ssh key with ssh-keygen -t rsa 
Just press enter in every step. No password and no location for file.




Next commands go to .ssh folder and see if you have key files generated:
cd .ssh/
ls


Move public key to a file authorized keys, set permissions that no one else can see the folder and delete the other key pair.

cat id_rsa.pub >> authorized_keys
chmod 600 authorized_keys 
rm id_rsa.pub 

Next close your ssh connection with exit. Go to .ssh folder and copy the ir_rsa file, again hide the file from others:

cd .ssh/ 
scp seppo@localhost:.ssh/id_rsa 
Copying from remote host:  
scp seppo@172.28.9.72:.ssh/id_rsa /home/username/.ssh/
chmod 600 id_rsa

Now everything should be ready to test. ssh seppo@localhost


Works.

Ei kommentteja:

Lähetä kommentti