Ubuntu – Setting up ssh server on Ubuntu dektop

sshUbuntu

I'm setting up a ssh server on 10.10(soon to be 11.04) desktop. I'm sure this goes without saying but, I want it to be as simple and secure as possible. I only plan to connect from one other Ubuntu machine. I have a few starter questions –

ssh-keygen -t dsa will create a key.

I then simply attach(cat) that key to the end of the authorized_keys2 file on the remote computer?
That is secure?
What is the difference between the public and private key?
- How do I get the sshd daemon to start at startup? I'd like to run this headless without X starting.
- How can I easily start and stop an X session?

references – https://help.ubuntu.com/8.04/serverg…sh-server.html
and https://help.ubuntu.com/community/SS…dvancedOpenSSH

Best Answer

I think you're making the SSH component harder than it needs to be.

On the remote machine (ssh server) you do:

# apt-get install ssh

This installs ssh, sets it to start on bootup, and starts it up right then

Then you do, on the client machine:

$ ssh-keygen

Answer, the questions when prompted. Then do

$ ssh-copy-id <user>@<ssh server>

Where <username> is the user you want to authenticate as with your key, and <ssh server> is the ip address/host/dns of the SSH server you want to add your key too. Then test it!

$ ssh <user>@<ssh server>

Now that you're in you want to get root perms...

$ sudo su

And, now that you've got root perms, edit /etc/ssh/sshd_config

# vim /etc/ssh/sshd_config

Assuming you know basic vim of course… Now, change the line that reads

PasswordAuthentication yes

PasswordAuthentication no

That's it for setting up SSH on an Ubuntu machine. Now only you can get into it with your key.

Related Solutions

SSH service will not start on fresh Cygwin 1.7.15 install

Try disabling privilege separation in /etc/sshd_config

Word – Finding sshd log file

The way to see what is going on on the server is to start the sshd daemon with these options:

  /usr/sbin/sshd -dD

The two options are (from the Man page):

-D When this option is specified, sshd will not detach and does not become a daemon. This allows easy monitoring of sshd.

-d      Debug mode.  The server sends verbose debug output to standard error, and does not put itself in the
         background.  The server also will not fork and will only process one connection.  This option is only
         intended for debugging for the server.  Multiple -d options increase the debugging level.  Maximum is
         3.

This should be plenty. For the past, it depends on your distro. I get messages in /var/log/auth.log, but you can search for messages relating to ssh in the same directory by means of

    find /var/log -type f -exec grep -l ssh {} \;

which will output the names of all files containing the expression ssh. You will then have to check their content.

Best Answer

Related Solutions

SSH service will not start on fresh Cygwin 1.7.15 install

Word – Finding sshd log file

Related Question