Guide for setting up OpenSSH on deb/ubuntu or Arch-based distros.
Install OpenSSH server
Ensure on the server OpenSSH is installed. If not you can install for deb/ubuntu with:
sudo apt install openssh-server
or Arch based distros with:
sudo pacman -S openssh
Settings
You'll likely need to change several settings for OpenSSH. First, it's worth first backing up the ssh_config file.
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.backup sudo chmod a-w /etc/ssh/sshd_config.original.backup
Ensure you disable PasswordAuthentication so users can only SSH in with private keys.
... PasswordAuthentication no ...
Once configuration is done, restart ssh:
sudo service ssh restart
Generating keypairs
You can generate a keypair by from your linux client with:
To generate a ssh key using the RSA algorithm (older, well-used with wide support):
ssh-keygen -t rsa
To generate an ssh key using ED25519 (newer, recommended):
ssh-keygen -t ed25519
You can then copy and append the client-generated public key (*.pub) to the open ssh server. Or more specifically, to a server user's "~/.ssh/authorized_keys"
file:
/home/<SERVER-USER-WILL-SSH-INTO>/.ssh/authorized_keys
The client should now be able to connect via SSH to the openssh server.
Generating a (new) separate key and using it for a specific host
You might want to use a separate key for a specific host. For example, let's create a key called gitlab_jaytaala for use with in pushing/pulling to/from gitlab.jaytaala.com:
ssh-keygen -t rsa -f .ssh/gitlab_jaytaala
To get your machine to use this key for a specific host (for example from the terminal) we create an the following config
file within your .ssh
folder:
vim .ssh/config
and add the following:
Host gitlab_jay HostName gitlab.jaytaala.com IdentityFile ~/.ssh/gitlab_jaytaala User j.taala
You can add another section as above for other hosts. Note that indentation is not required (but does make it much easier to read given lots of Host directives).
In the above example, having defined the host gitlab_jay
we can then simply do:
ssh gitlab_jay
to connect by ssh to host gitlab.jaytaala.com.
References
- https://help.ubuntu.com/lts/serverguide/openssh-server.html
- https://linuxize.com/post/using-the-ssh-config-file/
- https://wiki.archlinux.org/index.php/SSH_keys
Related articles