Skip to content

Secure Shell Protocol

Is a network protocol to communicate securily. Used by Linux, among others.


  • Connect to a custom port ssh -p port server
  • Copy files between computers with scp ./source/file user@client:/destination/path


  • Config lives in /etc/ssh/sshd_config
  • PermitRootLogin
    • no to deny root to log in
    • prohibit-password to allow only SSH keys
  • AllowUsers toto to only allow toto to log in
  • sudo systemctl restart ssh to restart the service

Create keys

Can be used for password-less authentication (if no passwords are provided) 1. On the client, generate the keys: ssh-keygen -t ed25519 -a 100 - source 2. Transfer the public key (.pub) from the client to the server: cat ~/.ssh/ | ssh HOST_USER@HOST_IP 'mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys' 4. On the client, connect to the host: ssh HOST_USER@HOST_IP 5. If necessary, add the host to known hosts: ssh-keygen -R HOST_IP

Connect to SSH via Cloudflare Tunnel

  1. In the Cloudflare Zero Trust dashboard
    1. Set up an Access Application with an associated access rule
    2. Set up an SSH Tunnel to the Linux server
  2. On the target client
    1. Grab the latest release of cloudlared
    2. Set up a local proxy connected to your hostname cloudflared-windows-amd64.exe access ssh --hostname --url localhost:1234
    3. Connect with your favorite SSH client to user@localhost:1234