64 lines
1.6 KiB
Markdown
64 lines
1.6 KiB
Markdown
# SSH
|
|
|
|
## Installation and setup
|
|
|
|
- Install OpenSSH package (`sudo pacman -S openssh`) on client and server
|
|
- On server, start ssh service with `sudo systemctl enable sshd.service` and `sudo systemctl start sshd.service`
|
|
- Configuration file for ssh server is at `/etc/ssh/sshd_config`
|
|
- Configuration file for ssh client is at `/etc/ssh/ssh_config`
|
|
- More info at [archwiki](https://wiki.archlinux.org/title/OpenSSH)
|
|
|
|
## Authorization using keys
|
|
|
|
- Create a keys on your client using command `ssh-keygen -t ed25519 -C "comment"`
|
|
- Then copy key to the server with `ssh-copy-id -i ~/.ssh/[key]` [username]@[server]
|
|
|
|
## Configuration
|
|
|
|
Example of Server Configuration:
|
|
|
|
```
|
|
# $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $
|
|
|
|
# This is the sshd server system-wide configuration file. See
|
|
# sshd_config(5) for more information.
|
|
|
|
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
|
|
|
|
# The strategy used for options in the default sshd_config shipped with
|
|
# OpenSSH is to specify options with their default value where
|
|
# possible, but leave them commented. Uncommented options override the
|
|
# default value.
|
|
|
|
Include /etc/ssh/sshd_config.d/*.conf
|
|
|
|
#Port 22
|
|
#AddressFamily any
|
|
#ListenAddress 0.0.0.0
|
|
#ListenAddress ::
|
|
|
|
#HostKey /etc/ssh/ssh_host_rsa_key
|
|
#HostKey /etc/ssh/ssh_host_ecdsa_key
|
|
#HostKey /etc/ssh/ssh_host_ed25519_key
|
|
|
|
# Ciphers and keying
|
|
#RekeyLimit default none
|
|
|
|
# Logging
|
|
#SyslogFacility AUTH
|
|
#LogLevel INFO
|
|
|
|
# Authentication:
|
|
|
|
#LoginGraceTime 2m
|
|
#PermitRootLogin prohibit-password
|
|
#StrictModes yes
|
|
#MaxAuthTries 6
|
|
#MaxSessions 10
|
|
...
|
|
```
|
|
|
|
## SSH port forwarding
|
|
|
|
- Complete this someday
|