dmzconf/setup/ssh_FAQ.md

105 lines
2.3 KiB
Markdown
Raw Permalink Normal View History

2024-12-05 16:06:07 +00:00
---
volume: Decentrala
section: 6
title: ssh setup
author: Malin
source: dmz.rs
---
## Step 1: Basic `ssh`
> I did stuff with my `ssh` and now things don't work. What do?
Check the permissions on your `ssh` directory:
```bash
$ ls -d ~/.ssh
2024-12-05 16:12:10 +00:00
drwxr-x--- - ghost 3 Dec 12:55 /home/ghost/.ssh
2024-12-05 16:06:07 +00:00
```
This is wrong, because anyone in your `~` can see you `ssh` configuration files.
```bash
$ chmod -R 600 ~/.ssh
$ ls -d ~/.ssh
2024-12-05 16:12:10 +00:00
drw------- - ghost 3 Dec 12:55 /home/ghost/.ssh
2024-12-05 16:06:07 +00:00
```
This is also wrong - entering a directory is the same as executing it.
If you can't 'execute' the directory, you cannot enter it, and `ssh` cannot read the files.
```bash
$ chmod -R 700 ~/.ssh
$ ls -l ~/.config
-rwx------ 1 ghost dmz 578 Dec 27 2022 authorized hosts
-rwx------ 1 ghost dmz 1145 Dec 27 2022 authorized keys
-rwx------ 2 ghost dmz 366 Dec 14 18:36 config
-rwx------ 1 ghost dmz 419 Dec 11 2023 id ed25519
-rwx------ 1 ghost dmz 106 Dec 11 2023 id ed25519.pub
-rwx------ 1 ghost dmz 2610 Dec 27 2022 id rsa
-rwx------ 1 ghost dmz 578 Dec 27 2022 id rsa.pub
-rwx------ 1 ghost dmz 28269 Dec 28 17:32 known hosts
```
Now all the files have 'read, write, and execute', but only for `$USER`.
## Step 2: The Config File
> I have 43 different `ssh` keys. Something doesn't work with a program. What do?
- Option 1: Delete all of them and stop asking Santa for `ssh` keys.
- Option 2: Define which one you want to use in the `~/.ssh/config` file.
```
Host soft
HostName soft.dmz.rs
Port 2222
User ghost
IdentityFile ~/.ssh/id rsa
Host dmz
HostName dmz.rs
Port 123
User root
Host krov
HostName dmz.rs
Port 5555
User ghost
Host june
HostName 192.168.1.100
User ghost
ProxyJump krov
```
The first example lets you go to the `soft-serve` git-server just by typing
```bash
$ ssh soft
```
If you're not sure if ssh is using the right key, try with `-v` for 'verbose mode'.
```bash
$ ssh -vv soft
```
If you're not sure if ssh is using the right key, try with `-v` for 'verbose mode'.
> `git` is not working with `ssh`
`git` will not presume to use your `ssh` config file unless you tell it:
```bash
$ GIT_SSH_COMMAND="ssh -F ~/.ssh/config" git pull
```
If that works, you can make the change permanent for that one repository:
```bash
$ git config core.sshCommand "ssh -F ~/.ssh/config"
```