Saturday, April 30, 2016

SSH

See here first if network has issues http://gvace.blogspot.com/2016/04/linux-network-configs.html

 Without password

  1. Client save its public key to remote ssh server.
  2. When ssh login, remote ssh server send client a random string.
  3. Client use its private key to encrypt this random string.
  4. Client send ssh server the encrypted string.
  5. SSH server use saved public key to decrypt.
  6. If decrypt succeed, ssh server allow client to login, without password.



 ssh client

Generate key
ssh-keygen -t rsa
generated public and private key will be in ~/.ssh
private key file: id_rsa
public key file: id_rsa.pub


copy the public key to target ssh-server
ssh-copy-id user1@192.168.3.4
this command will copy the public key from client to ssh server, saved in ~/.ssh/authorized_keys

keep public key and private key in ssh-client side

ssh server

Check if SSH is running
sudo netstat -anp | grep sshd
If nothing on port 22, means ssh-server is not running, install ssh-server or start it.

check firewall(iptables which is ufw), make sure ssh can go through



















Posted by at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)