User Tools

Site Tools


cs:ssh
Return to Home page

SSH

SSH login without password

Generate a public and private key for a machine:

ssh-keygen -t rsa

do not put password. Private and public keys are stored in ~/.ssh/id_rsa and ~/.ssh/id_rsa.pub files, respectively.

Copy public key in the remote machine with the command:

cat ~/.ssh/id_rsa.pub | ssh <user_name>@<host/ip_address> 'cat >> .ssh/authorized_keys'

Now login can be performed directly without password.

Remember that in the remote host correct permissions are 700 for the .ssh directory, and 600 for the authorized_keys file.

Reverse SSH tunneling

There are two PCs, the client behind a NAT and the server with a public IP address. We want to access the client from the server.

We can follow the following steps:

  • Exchange keys in order to allow the client to login into the server without typing a password.
  • Add in the file /etc/network/if-up.d/reverse-ssh-tunnel the following commands
#!/bin/bash
su -c "autossh -f -N -R *:15000:localhost:22 user@remote_host.com"

that are runed on startup and allow the access to the client with the command:

ssh <username>@localhost -p 15000
  • Give to the file the execution permission:
sudo chmod +x /etc/network/if-up.d/reverse-ssh-tunnel

The client must have the ability to connect with the server without password. To this extent follow the guide “SSH login without password” at the beginning of the page.


If you found any error, or if you want to partecipate to the editing of this wiki, please contact: admin [at] skenz.it

You can reuse, distribute or modify the content of this page, but you must cite in any document (or webpage) this url: https://www.skenz.it/cs/ssh?do=
/web/htdocs/www.skenz.it/home/data/pages/cs/ssh.txt · Last modified: 2020/11/26 23:18 (external edit)