ssh

From Initq


ssh (all lower case) refers to the client program included in SSH1, SSH2, OpenSSH, F-Secure SSH, and other products, used for running secure terminal sessions and remote commands.

qasket:~# ssh -l lexiana initq.com
lexiana@192.168.1.20's password:
Last login: Wed Apr  1 19:53:23 2009
[lexiana@initq ~]$


SSH login without password

Here are the steps to log in to a remote machine without a password.

  • Run the following on your local machine.
internal:~# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
ea:5b:65:6b:9d:b9:d9:88:80:a5:07:41:21:1e:86:bf root@internal
The key's randomart image is:
+--[ RSA 2048]----+
|   .+ o.         |
|  .o +           |
|   .. .          |
|    .  .         |
|     .. S o      |
|    E  * o o o   |
|      + + o +    |
|     . o o . =   |
|      o.  . + .  |
+-----------------+
  • Copy /root/.ssh/id_rsa.pub (the public key, not the private key id_rsa) to the /home/<user>/.ssh folder on your remote machine and rename it authorized_keys.
internal:~/.ssh# scp id_rsa.pub apptricity@192.168.170.100:/home/apptricity/.ssh/authorized_keys
The authenticity of host '192.168.170.100 (192.168.170.100)' can't be established.
RSA key fingerprint is c8:a8:6d:77:34:66:8d:17:a4:72:a8:fc:2f:0c:85:fc.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.170.100' (RSA) to the list of known hosts.
apptricity@192.168.170.100's password:
authorized_keys                                                                 100%  395     0.4KB/s   00:00

ssh-copy-id

You can also use the ssh-copy-id utility to copy the identity. It appends the key to your existing authorized_keys file rather than replacing it.

internal:~/.ssh# ssh-copy-id -i /root/.ssh/id_rsa.pub apptricity@192.168.170.100

After this, try logging in to your remote machine from your local machine. It should not ask you for a password.
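The scp step above replaces the whole authorized_keys file, while ssh-copy-id appends to it. The following added example (not part of the original page) shows that append step as a script to run on the remote machine once id_rsa.pub has been copied there. The function name install_pubkey is hypothetical, and the 700/600 permissions are the conventional settings, since sshd with StrictModes enabled ignores key files that other users can write to.

```shell
#!/bin/sh
# Added example: install_pubkey PUBKEY_FILE SSH_DIR  (hypothetical helper name)
# Appends one public key to SSH_DIR/authorized_keys without overwriting it.
install_pubkey() {
    pub=$1
    dir=$2
    auth=$dir/authorized_keys

    # Never install a private key (id_rsa); only id_rsa.pub belongs here.
    if grep -q 'PRIVATE KEY' "$pub"; then
        echo "refusing: $pub looks like a private key" >&2
        return 2
    fi

    # A public key line starts with a key type followed by base64 data.
    key=$(grep -E '^(ssh-(rsa|dss|ed25519)|ecdsa-sha2-[a-z0-9-]+) [A-Za-z0-9+/=]+' "$pub" | head -n 1)
    if [ -z "$key" ]; then
        echo "refusing: no public key line found in $pub" >&2
        return 3
    fi

    # Conventional permissions: directory 700, file 600.
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1

    # If the existing file does not end in a newline, add one so the
    # new key does not get glued onto the last existing key.
    if [ -s "$auth" ] && [ -n "$(tail -c 1 "$auth")" ]; then
        echo >> "$auth"
    fi

    # Append only when this exact line is not already present.
    if ! grep -qxF -- "$key" "$auth"; then
        printf '%s\n' "$key" >> "$auth"
    fi
}

# When run as a script with two arguments, install the key directly.
if [ "$#" -eq 2 ]; then
    install_pubkey "$1" "$2"
fi
```

Running it twice with the same key leaves a single entry, and keys already in the file are kept.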

Related technologies

  • rsh
  • PGP, a popular encryption program created by Phil Zimmermann.
  • Kerberos is a secure authentication system.
  • IPSEC (Internet Protocol Security) is a standard. Encryption is done at the IP level.
  • SRP (Secure Remote Password) protocol is an authentication protocol.
  • SSL (Secure Socket Layer), TLS (Transport Layer Security).
  • The Secure Socket Layer (SSL) protocol is an authentication and encryption technique, used mostly for web applications.
  • SSL-Enhanced Telnet and FTP includes SSLtelnet, SRA telnet, SSLTel, STel and SSLftp.
  • stunnel performs authentication and authorization of incoming connections via SSL and can be invoked from inetd as a wrapper for any number of service daemons or run standalone.
  • firewalls

Flags

  • -v verbose
  • -l username