Vk 38 SSH

SSH yhteys


$ sudo apt install -y openssh-server

-testi onko päällä, $ sudo systemctl status ssh
● ssh.service – OpenBSD Secure Shell server
Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2018-09-19 17:10:15 EEST; 2min 36s ago
Main PID: 3297 (sshd)
Tasks: 1 (limit: 4662)
CGroup: /system.slice/ssh.service
└─3297 /usr/sbin/sshd -D

syys 19 17:10:15 otso-VirtualBox systemd[1]: Starting OpenBSD Secure Shell server…
syys 19 17:10:15 otso-VirtualBox sshd[3297]: Server listening on port 22.
syys 19 17:10:15 otso-VirtualBox sshd[3297]: Server listening on :: port 22.
syys 19 17:10:15 otso-VirtualBox systemd[1]: Started OpenBSD Secure Shell server.
-on päällä!

2. Setting file?

-root@otso-VirtualBox:/etc/ssh# ls
moduli sshd_config ssh_host_ecdsa_key.pub ssh_host_ed25519_key.pub ssh_host_rsa_key.pub
ssh_config ssh_host_ecdsa_key ssh_host_ed25519_key ssh_host_rsa_key ssh_import_id

-täällä ssh_config

-Host *
# ForwardAgent no
# ForwardX11 no
# ForwardX11Trusted yes
# PasswordAuthentication yes
# HostbasedAuthentication no
# GSSAPIAuthentication no
# GSSAPIDelegateCredentials no
# GSSAPIKeyExchange no
# BatchMode no
# CheckHostIP yes
# AddressFamily any
# ConnectTimeout 0
# StrictHostKeyChecking ask
# IdentityFile ~/.ssh/id_rsa
# IdentityFile ~/.ssh/id_dsa
# IdentityFile ~/.ssh/id_ecdsa
# IdentityFile ~/.ssh/id_ed25519
# Port 22
# Protocol 2
# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc
# MACs hmac-md5,hmac-sha1,umac-64@openssh.com
# EscapeChar ~
# Tunnel no
# TunnelDevice any:any
# PermitLocalCommand no
# VisualHostKey no
# ProxyCommand ssh -q -W %h:%p gateway.example.com
# RekeyLimit 1G 1h
SendEnv LANG LC_*
HashKnownHosts yes
GSSAPIAuthentication yes

-kaikkea tälläistä voi tehdä.. muun muassa passwordAuthentication..


-pääsin serveriltä desktoppiin, komennolla ssh otso@
-tämän jälkeen piti antaa otso@ salasana

SSH exercise
Copy a file to your home directory in myy.haaga-helia.fi. Use first scp command then do the same using sftp.

ssh_scp serverille.PNG


sftp_serverille kopiointi
Create a keypair and copy the public key to myy.haaga-helia.fi. You can use scp or sftp or ssh-copy-id.
Test if you can now login to myy.haaga-helia.fi with the keys.
(It may be a good idea to delete the key in myy after the exercise.)



.ssh_ls-la näkymä

-oikeudet on oikein ~/.ssh directorylla on 700 oikeudet ja private key:llä on 600 oikeus.

-Kopiointiin serverille käytin ssh-copy-id user@server komentoa

[a1704549@myy-2012 .ssh]$ ls -la
total 12
drwx—— 2 a1704549 oppi 4096 16.10. 19:32 .
drwx–x–x 13 a1704549 oppi 4096 16.10. 19:32 ..
-rw——- 1 a1704549 oppi 402 16.10. 19:32 authorized_keys
[a1704549@myy-2012 .ssh]$

-Myy serverillä oikeudet olivat oikein .ssh kansiossa. 700 ja 600 oikeudet.

[a1704549@myy-2012 .ssh]$ exit
Connection to myy.haaga-helia.fi closed.
otso@otso-VirtualBox:~/.ssh$ ssh a1704549@myy.haaga-helia.fi

Last login: Tue Oct 16 19:33:10 2018 from 91-152-135-22.elisa-laajakaista.fi

[a1704549@myy-2012 ~]$

-Pääsin kirjautumaan ilman salasanaa eli ssh toimii.


Install ssh server in your (virtual?) computer. Test if you can access your computer with ssh. (you can access
it with address localhost)


serveriltä localille

Viimeiseksi poistin serveriltä .ssh kansiosta authorized_keys -julkisen avaimen,  turvallisuus syistä.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s