Secure Shell Protocol
Is a network protocol to communicate securily. Used by Linux, among others.
Usage¶
- Connect to a custom port
ssh -p port server
- Copy files between computers with
scp ./source/file user@client:/destination/path
Configuration¶
- Config lives in
/etc/ssh/sshd_config
PermitRootLogin
no
to deny root to log inprohibit-password
to allow only SSH keys
AllowUsers toto
to only allowtoto
to log insudo systemctl restart ssh
to restart the service
Create keys¶
Can be used for password-less authentication (if no passwords are provided)
1. On the client, generate the keys: ssh-keygen -t ed25519 -a 100
- source
2. Transfer the public key (.pub
) from the client to the server: cat ~/.ssh/id_ed25519.pub | ssh HOST_USER@HOST_IP 'mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys'
4. On the client, connect to the host: ssh HOST_USER@HOST_IP
5. If necessary, add the host to known hosts: ssh-keygen -R HOST_IP
Connect to SSH via Cloudflare Tunnel¶
- In the Cloudflare Zero Trust dashboard
- Set up an Access Application with an associated access rule
- Set up an SSH Tunnel to the Linux server
- On the target client
- Grab the latest release of cloudlared
- Set up a local proxy connected to your hostname
cloudflared-windows-amd64.exe access ssh --hostname example.com --url localhost:1234
- Connect with your favorite SSH client to
user@localhost:1234