Difference between revisions of "OpenSSH"

From wikieduonline
Jump to navigation Jump to search
Tags: Mobile web edit, Mobile edit
Tags: Mobile web edit, Mobile edit
Line 34: Line 34:
 
* [[Configure OpenSSH to allow Public-key authentication]] (<code>authorized_keys</code>)<ref>https://www.digitalocean.com/community/tutorials/how-to-configure-ssh-key-based-authentication-on-a-linux-server</ref>
 
* [[Configure OpenSSH to allow Public-key authentication]] (<code>authorized_keys</code>)<ref>https://www.digitalocean.com/community/tutorials/how-to-configure-ssh-key-based-authentication-on-a-linux-server</ref>
 
* [[/Activate SSH on macos/]]: <code>sudo [[systemsetup]] -setremotelogin on</code>
 
* [[/Activate SSH on macos/]]: <code>sudo [[systemsetup]] -setremotelogin on</code>
* Activate [[OpenSSH]] on [[Windows]]:<ref>https://docs.microsoft.com/en-us/windows-server/administration/openssh/openssh_install_firstuse</ref>
+
* Activate [[OpenSSH]] on [[Windows]] ([[Windows Server 2019]] or [[Windows 1o]]):<ref>https://docs.microsoft.com/en-us/windows-server/administration/openssh/openssh_install_firstuse</ref>
 
** Install OpenSSH optional capability from Windows interface.
 
** Install OpenSSH optional capability from Windows interface.
 
::: <code>[[Add-WindowsCapability]] -Online -Name OpenSSH.Server*</code>
 
::: <code>[[Add-WindowsCapability]] -Online -Name OpenSSH.Server*</code>

Revision as of 15:10, 16 March 2020

OpenSSH is a popular suite of software utilities implementing Secure Shell (SSH) protocol. OpenSSH includes the ability to set up a TCP secured channel and it is widely use as a replacement for not secured telnet and secure replacement of file transfers such as rcp and ftp. OpenSSH offers a great number of features including ssh session multiplexing. [1][2]


The OpenSSH suite includes the following command-line utilities and daemons:

  • ssh, ssh client and TCP secure replacement for <templatestyles src="Mono/styles.css" />rlogin, <templatestyles src="Mono/styles.css" />rsh and <templatestyles src="Mono/styles.css" />telnet to allow shell access to a remote machine.
  • scp, a replacement for rcp
  • sftp, a replacement for ftp to copy files between computers
  • sshd, the SSH server daemon which allows shell access and file transfers to a remote machine.
  • ssh-keygen, a tool to inspect and generate the RSA, DSA and Elliptic Curve keys that are used for user and host authentication
  • ssh-agent and ssh-add, utilities to ease authentication by holding keys ready and avoid the need to enter passphrases every time they are used
  • ssh-keyscan, which scans a list of hosts and collects their public keys
  • ssh-copy-id, copy local keys to remote machine.

Readings

ssh clients

OpenSSH includes an ssh client:ssh. Others clients are available such us putty, mosh, paramiko and autossh[3].

autossh[4] main feature not include in OpenSSH ssh client is the capability to monitor an ssh connection and restart it if necessary.

  • Loop waiting to connect to server: AUTOSSH_POLL=5 AUTOSSH_GATETIME=0 autossh -M 0 -o ServerAliveInterval=5 -o ServerAliveCountMax=1 YOUR_SERVER_NAME_OR_IP

Ssh clients in Linux are frequently executed inside a terminal or using any kind of terminal multiplexer such as tmux or screen.

Activities

Basic

Add-WindowsCapability -Online -Name OpenSSH.Server*
Start-Service sshd
Set-Service -Name sshd -StartupType 'Automatic'

Intermediate

  • Learn about different client connection options, such us: -oBatchMode=yes or -o ConnectTimeout=2[8]
  • Connect to remote server temporarily turning off host key checking, (security implications): ssh -oStrictHostKeyChecking=no SERVER_NAME

Advanced

  1. Read ssh documentation about multiplexing https://en.wikibooks.org/wiki/OpenSSH/Cookbook/Multiplexing and its implementation details: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL.mux?annotate=HEAD
  2. Configure ssh session multiplexing
  3. Use ProxyJump directive to connect using a "Jump Server"[9]
  4. Run a shell script on a remote machine using ssh: ssh root@MachineB 'bash -s' < local_script.sh[10]. See also: parallel
  5. Read https://github.com/openssh/openssh-portable source code
  6. Read OpenSSH changelog

See also

Text is available under the Creative Commons Attribution-ShareAlike License; additional terms may apply. By using this site, you agree to the Terms of Use and Privacy Policy.

Original source: https://en.wikiversity.org/wiki/OpenSSH

Advertising: