Guide for setting up OpenSSH on deb/ubuntu or Arch-based distros.

Install OpenSSH server

Ensure OpenSSH is installed on the server.  If it is not, you can install it on deb/ubuntu with:

sudo apt install openssh-server

or on Arch-based distros with:

sudo pacman -S openssh

Settings

You'll likely need to change several settings for OpenSSH.  First, it's worth backing up the sshd_config file and making the backup read-only.

sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.backup
sudo chmod a-w /etc/ssh/sshd_config.backup

Ensure you disable PasswordAuthentication in /etc/ssh/sshd_config so users can only SSH in with private keys.

...
PasswordAuthentication no
...

Once configuration is done, restart ssh:

sudo service ssh restart

Generating keypairs

You can generate a keypair from your Linux client.

To generate an SSH key using the RSA algorithm (older, well-used with wide support):

ssh-keygen -t rsa

To generate an ssh key using ED25519 (newer, recommended):

ssh-keygen -t ed25519

You can then copy and append the client-generated public key (*.pub) to the OpenSSH server.  Or more specifically, to a server user's "~/.ssh/authorized_keys" file:

/home/<SERVER-USER-WILL-SSH-INTO>/.ssh/authorized_keys

The client should now be able to connect via SSH to the openssh server.
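The append step above, as an added example (not part of the original guide): a shell function, run on the server as the user who will be logged into, that refuses private keys, skips duplicates and sets the permissions sshd's default StrictModes check expects. The name install_pubkey and the path in the usage comment are hypothetical.

```shell
#!/bin/sh
# Added example: append one public key to authorized_keys safely.
# install_pubkey is a hypothetical helper name, not an OpenSSH tool.
# Usage (path is an assumption): install_pubkey /tmp/id_ed25519.pub

# install_pubkey PUBKEY_FILE [SSH_DIR]   (SSH_DIR defaults to ~/.ssh)
install_pubkey() {
    pub=$1
    dir=${2:-$HOME/.ssh}
    auth=$dir/authorized_keys

    [ -r "$pub" ] || { echo "cannot read $pub" >&2; return 1; }

    # Refuse private keys: only the *.pub half ever goes on the server.
    if grep -q 'PRIVATE KEY' "$pub"; then
        echo "$pub is a private key, refusing" >&2; return 2
    fi

    # Take the first non-empty line and require "<type> <base64> [comment]".
    key=$(grep -v '^[[:space:]]*$' "$pub" | head -n 1)
    case $key in
        ssh-ed25519\ AAAA*|ssh-rsa\ AAAA*|ecdsa-sha2-*\ AAAA*) ;;
        *) echo "$pub is not an OpenSSH public key" >&2; return 3 ;;
    esac

    # sshd's default StrictModes rejects group/world-writable key paths.
    mkdir -p "$dir" && chmod 700 "$dir" || return 4
    touch "$auth" && chmod 600 "$auth" || return 4

    # Idempotent: an exact duplicate line is not added again.
    grep -qxF -- "$key" "$auth" && return 0

    # If the file lacks a trailing newline, add one first so the new key
    # is not glued onto the previous entry (which would break both).
    if [ -s "$auth" ] && [ -n "$(tail -c 1 "$auth")" ]; then
        printf '\n' >> "$auth"
    fi
    printf '%s\n' "$key" >> "$auth"
}
```

If the function is run as root on behalf of another user, the .ssh directory and authorized_keys file must also be chowned to that user.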

Generating a (new) separate key and using it for a specific host

You might want to use a separate key for a specific host.  For example, let's create a key called gitlab_jaytaala for use in pushing/pulling to/from gitlab.jaytaala.com:

ssh-keygen -t rsa -f ~/.ssh/gitlab_jaytaala

To get your machine to use this key for a specific host (for example from the terminal), we create the following config file within your .ssh folder:

vim ~/.ssh/config

and add the following:

.ssh/config
Host gitlab_jay 
    HostName gitlab.jaytaala.com
    IdentityFile ~/.ssh/gitlab_jaytaala
    User j.taala

You can add another section as above for other hosts.  Note that indentation is not required (but it does make the file much easier to read when there are lots of Host directives).

In the above example, having defined the host gitlab_jay, we can then simply do:

ssh gitlab_jay

to connect by ssh to host gitlab.jaytaala.com.
