SSH (Secure SHell) allows local access to a remote machine.

Keys

SSH keys are essential when securing a public-facing server.

generate with ssh-keygen

$ ssh-keygen
Enter file: ~/.ssh/<key name>
Enter passprhase: (skip)

copy to remote server with ssh-copy-id

$ ssh-copy-id -i ~/.ssh/<key name> root@host

Password-less login

edit /etc/ssh/sshd_config

PasswordAuthentication no
ChallengeResponseAuthentication no
UsePAM no

Reload SSH daemon with systemctl reload sshd

Aliases

Stored at ~/.ssh/config

Notable fields:

• Hostname - IP address/domain
• Port - SSH port (if changed from default 22)
• User - specify user (root, user account)
• IdentityFile - points to private SSH key

Example configuration:

Host storageserver
 Hostname storageserver.xyz
 Port 2222
 User notahacker
 IdentityFile ~/.ssh/storageserver