SSH
Generate
From Create ed25519 key
ssh-keygen -t ed25519 -b 4096 -C "user@mail"
Add to server
Connect to your remote server and add your public key to ~/.ssh/authorized_keys
.
vim ~/.ssh/authorized_keys
ssh-ed25519 AAAAC3Nza...
And add your id_ed25519.pub
or id_rsa.pub
.
Exit your remote server and try SSH connection.
Usage
ip a | grep glo | awk '{print $2}' | head -1 | cut -f1 -d/
Here, user
is your username, hostname
is your server hostname or IP address.
ssh <user>@<hostname>
If it works, you can disable password authentication.
Disable password authentication
You can disable password authentication by editing the /etc/ssh/sshd_config
file on your server.
vim /etc/ssh/sshd_config
PasswordAuthentication no
systemctl restart sshd
Use different port
By default, SSH uses port 22. You can change it by editing the /etc/ssh/sshd_config
file on your server.
vim /etc/ssh/sshd_config
Change the port number.
Port <port>
systemctl restart sshd
ufw allow <port>
ufw status
ufw delete allow <old port>
To use SSH on a different port, you need to specify the port number when connecting.
ssh -p <port> <user>@<hostname>
Use different private key
By default, SSH uses ~/.ssh/id_ed25519
or ~/.ssh/id_rsa
as private key. You can use different private key by using -i
option.
ssh -i <private key filename> <user>@<hostname>
You can use -o
option to specify IdentitiesOnly
to prevent SSH from trying other authentication methods.
ssh -o "IdentitiesOnly=yes" -i <private key filename> <user>@<hostname>
Config
You can create a ~/.ssh/config
file to store your SSH configuration.
vim ~/.ssh/config
Host <myserver>
HostName <hostname_or_ip_address>
User <username>
Port <port>
IdentityFile <private key filename path>
IdentitiesOnly yes
ssh <myserver>
SCP
SCP is a command-line utility that allows you to securely copy files and directories between two locations. This command use same authentication method as SSH.
From server to personal computer
scp username@from_host:file.txt /local/directory/
From personal computer to server
scp file.txt username@to_host:/remote/directory/
RSYNC
Good alternative to SCP, rsync is a fast and versatile command-line utility for synchronizing files and directories between two locations over a remote shell, or from/to a remote RSYNC daemon. It uses an algorithm that minimizes the amount of data copied by only moving the portions of files that have changed.
rsync -Phhr username@server:/home/path/to/dir ./
-P for progress-hh for human human readible-r for récursif