From 93a48fded8aa41dcf02effc5f48028a8ff5eaa9a Mon Sep 17 00:00:00 2001 From: Malin Freeborn Date: Wed, 27 Sep 2023 02:18:40 +0200 Subject: [PATCH] write basic ssh --- networking/ssh.md | 89 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 89 insertions(+) create mode 100644 networking/ssh.md diff --git a/networking/ssh.md b/networking/ssh.md new file mode 100644 index 0000000..ffb3f17 --- /dev/null +++ b/networking/ssh.md @@ -0,0 +1,89 @@ +--- +title: "ssh" +tags: [ "networking" ] +--- +# Basic `ssh` + +Try out basic ssh by accessing `git.charm.sh`, without needing authentication: + + +```bash +ssh git.charm.sh +``` + +Start an ssh server to try it out. +The ssh server is sometimes in a package called `openssh`, and sometimes only in `openssh-server`. + +Once it's installed, check it's working: + +```bash +sudo systemctl status ssh +``` + +If that doesn't work, the service may be called `sshd`. + +```bash +sudo systemctl status sshd +``` + +Then start that service: + +```bash +sudo systemctl start sshd +``` +Test it works by using ssh into your own system, from inside: + + +```bash +ssh $USER@localhost +``` + +Access the computer from another computer on the same local network by finding your computer's IP address. + + +```bash +ip address | grep inet +``` + +Here is mine: + + +> inet 127.0.0.1/8 scope host lo +> +> inet6 ::1/128 scope host noprefixroute +> +> inet 192.168.0.12/24 brd 192.168.0.255 scope global dynamic noprefixroute en + + +The first one starts `127`, which means it returns back to that computer (like `localhost`). +The second is an ipv6 address, which is too angelic for this world, and has yet to ascend. +The third will work from a remote computer. + + +```bash +ssh $USERNAME@IP_ADDRESS +``` + +Once you have that, generate some ssh keys: + +```bash +ssh-keygen +``` + +Look at your keys: + + +```bash +ls ~/.ssh +``` + +You can share the one ending in `.pub` freely. +The other is secret. + +Now send those keys to a remote computer: + +```bash +ssh-copy-id $USERNAME@IP_ADDRESS +``` + +Now you can log in without a password.