User Tools

Site Tools


cs:ssh
Return to Home page

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

cs:ssh [2015/10/28 15:22]
cs:ssh [2020/11/26 23:18] (current)
Line 1: Line 1:
 +====== SSH ======
 +===== SSH login without password =====
 +Generate a public and private key for a machine:
 +<code bash>
 +ssh-keygen -t rsa
 +</code>
 +do not put password. Private and public keys are stored in //~/.ssh/id_rsa// and //~/.ssh/id_rsa.pub// files, respectively.
  
 +Copy public key in the remote machine with the command:
 +<code bash>
 +cat ~/.ssh/id_rsa.pub | ssh <user_name>@<host/ip_address> 'cat >> .ssh/authorized_keys'
 +</code>
 +
 +Now login can be performed directly without password.
 +
 +Remember that in the remote host correct permissions are ''700'' for the ''.ssh'' directory, and ''600'' for the ''authorized_keys'' file.
 +
 +===== Reverse SSH tunneling =====
 +There are two PCs, the //client// behind a NAT and the //server// with a public IP address. We want to access the //client// from the //server//.
 +
 +We can follow the following steps:
 +  * Exchange keys in order to allow the //client// to login into the //server// without typing a password.
 +  * Add in the file ///etc/network/if-up.d/reverse-ssh-tunnel// the following commands
 +<code bash>
 +#!/bin/bash
 +su -c "autossh -f -N -R *:15000:localhost:22 user@remote_host.com"
 +</code>
 +that are runed on startup and allow the access to the //client// with the command:
 +<code bash>
 +ssh <username>@localhost -p 15000
 +</code>
 +  * Give to the file the execution permission:
 +<code bash>
 +sudo chmod +x /etc/network/if-up.d/reverse-ssh-tunnel
 +</code>
 +
 +The //client// must have the ability to connect with the //server// without password. To this extent follow the guide "SSH login without password" at the beginning of the page.

If you found any error, or if you want to partecipate to the editing of this wiki, please contact: admin [at] skenz.it

You can reuse, distribute or modify the content of this page, but you must cite in any document (or webpage) this url: https://www.skenz.it/cs/ssh?do=diff&rev=1446042163&difftype=sidebyside