SSH

Contents

1. Setup SSH keys
2. SSH Tunnel
3. Copying files over SSH

Setup SSH keys #

1. First, you need a SSH keypair. For new keys the ed25519 algorithm is recommended over RSA:

ssh-keygen -t ed25519 -C "email@example.com"

The ~/ssh directory should now contain your newly created keypair. Private keys don't have an extension and public keys have the .pub extension.

WARNING: Never share you private key with anyone!

2. To use your SSH key, the machines you want to connect to need to know your public key. You can copy your keys to hosts you already have access to (e.g. with a password) using the following command:

ssh-copy-id username@example.com`

3. You should be able to login without password now:

ssh username@example.com

4. Now you can disable password login.

On your remote machine, edit /etc/ssh/sshd_config:

PasswordAuthentication no
ChallengeResponseAuthentication no
UsePAM no

Reload the SSH daemon to apply the changes: systemctl reload sshd

SSH Tunnel #

ssh -L address destination

This way you can access a port from a remote server remotely without exposing the port to the internet.

Copying files over SSH #

scp user@host:/path/to/file destination/file # copy single file
scp -r user@host:/path/to/folder destination/folder # copy a folder