SSH / SCP / rsync
Usage of SSH, SCP and rsync
Generate key
From Create ed25519 key
ssh-keygen -t ed25519 -b 4096 -C "user@mail"ssh-keygen -t ed25519ssh-keygen -t rsa -b 2048Add to server
Connect to your remote server and add your public key to ~/.ssh/authorized_keys.
vim ~/.ssh/authorized_keysssh-ed25519 AAAAC3Nza...And add your id_ed25519.pub or id_rsa.pub.
Exit your remote server and try SSH connection.
Usage
INFO
To find your IP address, you can use:
ip a | grep glo | awk '{print $2}' | head -1 | cut -f1 -d/Here, user is your username, hostname is your server hostname or IP address.
ssh <user>@<hostname>If it works, you can disable password authentication.
Disable password authentication
You can disable password authentication by editing the /etc/ssh/sshd_config file on your server.
vim /etc/ssh/sshd_configChange the PasswordAuthentication option:
PasswordAuthentication yes
PasswordAuthentication noRestart the SSH service:
systemctl restart sshdUse different port
By default, SSH uses port 22. You can change it by editing the /etc/ssh/sshd_config file on your server.
vim /etc/ssh/sshd_configChange the port number:
Port 22
Port 23Restart the SSH service:
systemctl restart sshdWARNING
Don't forget to open the port in your server firewall. If you use UFW, you can use:
ufw allow <port>And check the status:
ufw statusYou can delete old port:
ufw delete allow <old port>To use SSH on a different port, you need to specify the port number when connecting.
ssh -p <port> <user>@<hostname>Use different private key
By default, SSH uses ~/.ssh/id_ed25519 or ~/.ssh/id_rsa as private key. You can use different private key by using -i option.
ssh -i <private key filename> <user>@<hostname>You can use -o option to specify IdentitiesOnly to prevent SSH from trying other authentication methods.
ssh -o "IdentitiesOnly=yes" -i <private key filename> <user>@<hostname>SSH config
You can create a ~/.ssh/config file to store your SSH configuration.
vim ~/.ssh/configHostis the alias you want to use to connect to your server.HostNameis the IP address or hostname of your server.Useris your username.Portis the port number.IdentityFileis the path to your private key.IdentitiesOnlyis set toyesto prevent SSH from trying other authentication methods.
Host <myserver>
HostName <hostname_or_ip_address>
User <username>
Port <port>
IdentityFile <private key filename path>
IdentitiesOnly yesNow you can connect to your server using the alias.
ssh <myserver>SSH config example
Host my-wonderful-server
HostName 123.456.789.0
User unicorn_admin
Port 22
IdentityFile ~/.ssh/id_ed25519
IdentitiesOnly yes
Host my-other-wonderful-server
HostName 123.456.789.1
User panda_admin
Port 23
IdentityFile ~/.ssh/id_rsa
IdentitiesOnly yesssh my-wonderful-serverSCP
SCP is a command-line utility that allows you to securely copy files and directories between two locations. This command use same authentication method as SSH.
From server to personal computer
scp username@from_host:file.txt /local/directory/From personal computer to server
scp file.txt username@to_host:/remote/directory/Use different SSH port
From server to personal computer
scp -P <port> username@from_host:file.txt /local/directory/From personal computer to server
scp -P <port> file.txt username@to_host:/remote/directory/rsync
Good alternative to SCP, rsync is a fast and versatile command-line utility for synchronizing files and directories between two locations over a remote shell, or from/to a remote rsync daemon. It uses an algorithm that minimizes the amount of data copied by only moving the portions of files that have changed.
rsync -Phhr username@server:/home/path/to/dir ./- -P for progress
- -hh for human human readible
- -r for recursive
Use different SSH port
rsync -Phhr -e 'ssh -p <port>' username@server:/home/path/to/dir ./