Differences

This shows you the differences between two versions of the page.

--- ssh_keys [2016/05/03 06:50] – luke7858
+++ ssh_keys [2024/05/23 07:26] (current) – external edit 127.0.0.1
@@ Line 1: / Line 1: @@
-Creating keys:
+=== Creating keys ===
 <sxh bash>
 ssh-keygen
@@ Line 16: / Line 16: @@
 :01:43:22:c2:ec:24:85:f3:88:44:88:d6:df:7d:ea Luke@lukeshost
 </sxh>
+\\
+=== Copying public keys to device ===
 Now we need to copy the public key onto the server
 <sxh bash>
 ssh-copy-id -i ~/.ssh/servername_id_rsa.pub [email protected]
 </sxh>
+If the server has a custom port:
+<sxh bash>
+ssh-copy-id -i ~/.ssh/servername_id_rsa.pub '-p 1234 [email protected]'
+</sxh>
+\\
+=== Logging in using private key ===
 You can then log into the device using the private key:
 <sxh bash>
 ssh -i ~/.ssh/servername_id_rsa [email protected]
 </sxh>
-If the private key matches the public key located on the server then it will allow you to log in!
+If the private key matches the public key located on the server then it will allow you to log in!#
+\\
+\\
+\\
+=== Creating ssh alias ===
+Now we can make our lives a little easier so we do not have to specify the key each time:
 <sxh bash>
+vim ~/.ssh/config
 </sxh>
 <sxh bash>
+Host ServerName
+  Hostname x.x.x.x
+  User Luke
+  Port 22 #or you can specify custom port
+  IdentityFile ~/.ssh/servername_id_rsa #this is the location to the pivate key that you created above
+</sxh>
+You will now be able to ssh into a device with the shortcut:
+<sxh bash>
+ssh ServerName
+</sxh>
+\\
+\\
+=== Locking Down to Keys-Only ===
+Next we could potentially lock down the server so ONLY keys work.
+\\
+Add the following to /etc/ssh/sshd_config
+<sxh bash>
+PasswordAuthentication no
 </sxh>
+Then make sure you reload the configuration file.
+\\
+\\
+WARNING: Keep one session open and attempt to log in from a different session, this allows you to get back in if you made an incorrect update