Added SSH Tutorial
This commit is contained in:
Jun Wei Woon
parent
9fda9116f7
commit
a57e5d5b1f
|
|
@ -41,7 +41,7 @@ I have used a few Linux distributions in the past, mainly:
|
|||
|
||||
* Arch Variants
|
||||
* Manjaro
|
||||
* Arch Linux
|
||||
* Arch Linux _i use arch btw_
|
||||
|
||||
* RHEL Variants
|
||||
* CentOS
|
||||
|
|
@ -53,4 +53,42 @@ I have used a few Linux distributions in the past, mainly:
|
|||
|
||||
I have developed scripts(Python/Bash) for some of these distributions for automation, which I may share some of the scripts and its use cases in this site. In the screen shot above, there are mini scripts used to display items, for example, the status bar has scripts to display time, volume or music. The lyrics viewer is also another script I developed as I couldn't find any programs online that fits my use case.
|
||||
|
||||
# Text Editors/IDEs
|
||||
|
||||
Over the years I've spent developing scripts and programs, I have used text editors for different Languages. Here are some of the editors I used in the past
|
||||
|
||||
* Notepad++
|
||||
- Web Development(HTML,CSS,JS)
|
||||
* Eclipse
|
||||
- Java & Javafx Development
|
||||
* IntelliJ IDEA
|
||||
- Java & Javafx Development
|
||||
* Visual Studio
|
||||
- C#, ASP.Net
|
||||
* Pycharm
|
||||
- Python Scripting
|
||||
* Visual Studio Code
|
||||
- Python & Bash Scripting
|
||||
* Vim/Neovim
|
||||
- Python & Bash Scripting
|
||||
- Java Terminal Applications
|
||||
- Golang Terminal Applications
|
||||
|
||||
# Virtualization/Virtual Machine Managers
|
||||
|
||||
Deploying Virtual Machines are an essential part to computer science, as it allows us to test and deploy applications in a "containerized" environment.
|
||||
Many of the Virtual Machines I've used/deployed are used for penetration testing, Malware Analysis or just for fun! Virtual Machines allow us to use certain programs from another OS without destroying our base OS. Here are some of the virtualization technologies I have used in the past:
|
||||
|
||||
* Vmware player/workstation
|
||||
* EXSI
|
||||
* VirtualBox
|
||||
* Proxmox
|
||||
* FreeNAS(bhyve)
|
||||
|
||||
# Hardware
|
||||
Here are some of the computer hardware which I have played with in the past:
|
||||
|
||||
* Raspberry Pi 3b+ & 4b
|
||||
* My current desktop (Dell Optiplex 7010)
|
||||
|
||||
__Thanks for checking out my website!__
|
||||
|
|
|
|||
|
|
@ -0,0 +1,102 @@
|
|||
---
|
||||
author: "Devoalda"
|
||||
authorEmoji: 🐺
|
||||
title: "SSH"
|
||||
date: 2020-07-05T18:15:01+08:00
|
||||
description: SSH Configurations
|
||||
draft: false
|
||||
hideToc: false
|
||||
enableToc: true
|
||||
enableTocContent: true
|
||||
tocPosition: inner
|
||||
tocLevels: ["h2", "h3", "h4"]
|
||||
tags:
|
||||
- linux
|
||||
- arch
|
||||
- program
|
||||
- ssh
|
||||
series:
|
||||
- Linux Programs
|
||||
categories:
|
||||
- linux
|
||||
- program
|
||||
---
|
||||
# SSH Setup guide
|
||||
|
||||
## Introduction
|
||||
SSH is an important tool as a system administrator. It allows for remote connection to your machine through a client, and the ability to control your machine from wherever you are.
|
||||
|
||||
However, malicious attackers are able to do a brute force attack on your machine via SSH. Therefore, this tutorial will not only setup your ssh server, it will strengthen the server to help against unwanted brute force attacks.
|
||||
|
||||
This tutorial will setup SSH on your machine on port 2222, instead of the default port 22; Disables remote root login, and also password authentication. You will be able to connect to your machine via ssh keypairs for added security, instead of entering your password.
|
||||
|
||||
You will need 2 machines to use keypair authentication
|
||||
|
||||
## Installation
|
||||
Install openssh and ufw with your package manager on both your local and remote machines
|
||||
|
||||
```bash
|
||||
yay -S openssh ufw
|
||||
```
|
||||
|
||||
## Start and enable ssh service
|
||||
```bash
|
||||
sudo systemctl start sshd
|
||||
sudo systemctl enable sshd
|
||||
```
|
||||
## Key generation
|
||||
Use Command
|
||||
```bash
|
||||
ssh-keygen -t rsa
|
||||
|
||||
ssh-copy-id -i ~/.ssh/id_rsa.pub <Username>@<Remote IP Address>
|
||||
```
|
||||
Follow the prompt to generate a key, copy key to remote machines
|
||||
|
||||
**REST** of the configurations below are done in the ___remote___ machine
|
||||
|
||||
## SSH Configurations
|
||||
On the **remote** machine, edit sshd_config file
|
||||
```bash
|
||||
sudo vim /etc/ssh/sshd_config
|
||||
```
|
||||
|
||||
Add the following configurations
|
||||
```bash
|
||||
Port 2222
|
||||
PermitRootLogin no
|
||||
AllowUsers <username>
|
||||
PasswordAuthentication no
|
||||
```
|
||||
Restart sshd service
|
||||
```
|
||||
sudo systemctl restart sshd
|
||||
```
|
||||
|
||||
**Note** sshd_config file location may vary with different distros
|
||||
|
||||
### Config explanation and notes
|
||||
* Port - Specify Port number to your liking
|
||||
* PermitRootLogin - Self Explanatory
|
||||
* Allow Users - Self Explanatory
|
||||
* Password Authentication - Disable Password authentication to use key
|
||||
* __Remember__ to ssh-copy-id to machine before adding this
|
||||
|
||||
## Enable ufw firewall service to start on boot
|
||||
```
|
||||
sudo systemctl start ufw
|
||||
sudo systemctl enable ufw
|
||||
```
|
||||
|
||||
## Firewall
|
||||
Allow ssh port on the firewall, I am using non-default ports for ssh
|
||||
```
|
||||
sudo ufw limit 2222/tcp comment 'SSH Port 2222 limit'
|
||||
```
|
||||
|
||||
## Connection
|
||||
On your machine, connect to the remote machine with:
|
||||
```
|
||||
ssh -p 2222 <username>@<Remote IP Address>
|
||||
```
|
||||
|
||||
Loading…
Reference in New Issue