ssh ssh-copy-id scp ssh-keygen sshd | SSH_CONNECTION | SSH_TTY

Installation of the OpenSSH client and server applications is simple. To install the OpenSSH client applications on your Ubuntu system, use this command at a terminal prompt:
sudo apt install openssh-client
To install the OpenSSH server application, and related support files, use this command at a terminal prompt:
sudo apt install openssh-server
The openssh-server package can also be selected to install during the Server Edition installation process.





after first ssh connectivity, public fingerprint is saved on client in known_hosts
---------------
also public/private keys could be used instead of passwords


passphrase is used in private key when you connect

[svn@svn ~]$ ssh-keygen 
x




Generating public/private rsa key pair.
Enter file in which to save the key (/home/svn/.ssh/id_rsa): 
Created directory '/home/svn/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/svn/.ssh/id_rsa.
Your public key has been saved in /home/svn/.ssh/id_rsa.pub.
The key fingerprint is:
7b:ac:9c:bf:f0:e2:41:d9:1a:ba:2a:42:61:a5:02:73 svn@svn.localdomain
The key's randomart image is:
+--[ RSA 2048]----+
|                 |
|o E.             |
|.oo              |
|.+       o       |
|o .     S .      |
| .     o =       |
|.     . = o      |
|. .    o.B       |
| . .....=o+.     |
+-----------------+

[svn@svn ~]$ ll .ssh/
total 8
-rw-------. 1 svn svn 1679 May 13 12:22 id_rsa
-rw-r--r--. 1 svn svn  401 May 13 12:22 id_rsa.pub

[svn@svn ~]$ systemctl start sshd

[svn@svn ~]$ systemctl status sshd
● sshd.service - OpenSSH server daemon
   Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
   Active: active (running) since Mon 2017-05-08 23:58:10 EEST; 4 days ago
     Docs: man:sshd(8)
           man:sshd_config(5)
 Main PID: 1025 (sshd)
   CGroup: /system.slice/sshd.service
           └─1025 /usr/sbin/sshd

May 08 23:58:09 svn.localdomain systemd[1]: Starting OpenSSH server daemon...
May 08 23:58:10 svn.localdomain sshd[1025]: Server listening on 0.0.0.0 port 2022.
May 08 23:58:10 svn.localdomain sshd[1025]: Server listening on :: port 2022.
May 08 23:58:10 svn.localdomain systemd[1]: Started OpenSSH server daemon.
[svn@svn ~]$ 

[svn@svn ~]$ sudo grep -i port /etc/ssh/sshd_config 
# If you want to change the port on a SELinux system, you have to tell
# semanage port -a -t ssh_port_t -p tcp #PORTNUMBER
Port 2022


[svn@svn ~]$ netstat -tulpen | grep 22
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      0          16226      -                   
tcp        0      0 192.168.122.1:53        0.0.0.0:*               LISTEN      0          25255      -                   
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      0          24722      -                   
tcp        0      0 0.0.0.0:2022            0.0.0.0:*               LISTEN      0          189784     -                   
tcp6       0      0 :::111                  :::*                    LISTEN      0          16225      -                   
tcp6       0      0 :::2022                 :::*                    LISTEN      0          189786     -                   
udp        0      0 192.168.122.1:53        0.0.0.0:*                           0          25254      -                   
udp6       0      0 ::1:51681               :::*                                1001       26220      - 

[svn@svn ~]$ firewall-cmd --list-all
public
  target: default
  icmp-block-inversion: no
  interfaces: 
  sources: 
  services: dhcpv6-client ftp ldap ssh
  ports: 
  protocols: 
  masquerade: no
  forward-ports: 
  sourceports: 
  icmp-blocks: 
  rich rules: 


[svn@svn ~]$ ssh localhost -p 2022
Last login: Mon May  8 23:58:58 2017
[svn@svn ~]$ exit
logout
Connection to localhost closed.
[svn@svn ~]$ 


if there is different path to public key, use 
ssh-copy-id -i path


[svn@svn ~]$ ssh-copy-id ci@192.168.154.129
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
ci@192.168.154.129's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'ci@192.168.154.129'"
and check to make sure that only the key(s) you wanted were added.

[svn@svn ~]$ ssh ci@192.168.154.129
Last login: Sun Apr 16 22:31:38 2017
[ci@localhost ~]$ exit
logout
Connection to 192.168.154.129 closed.
[svn@svn ~]$ 

192.168.154.129

[ci@localhost ~]$ cat .ssh/authorized_keys 
ssh-rsa AAAAB3NzM7z svn@svn.localdomain
[ci@localhost ~]$ 


[svn@svn ~]$ cat ~/.ssh/known_hosts 
[localhost]:2022 ecdsa-sha2-nistp256 AAAAE2VjZHN9Z90xCEmIFNkKJKzqPIJ9ffpfY4c5jE=
192.168.154.129 ecdsa-sha2-nistp256 YWnZZTob9MJ9QPphVx0OU+D50ePKmvkFAKTbY=
[svn@svn ~]$ 

svn@svn Downloads]$ scp testfile ci@192.168.154.129:~
testfile   


ubuntu
sudo systemctl restart sshd.service
 /etc/ssh/sshd_config
============
SSH_CONNECTION shows the address of the client, the outgoing port on the client, the address of the server and the incoming port on the server.
SSH_TTY names the pseudo-terminal device, abbreviated Ppty, on the server used by the connection.
For example:

SSH_CONNECTION='192.168.223.17 36673 192.168.223.229 22'
SSH_TTY=/dev/pts/6

Comments

Popular posts from this blog

HAproxy logging

teamcity Automatic Agent Start under Linux

NFS mount add in fstab _netdev instead of default | firewall-cmd --list-all