-------------------------------------------
  * **ssh** 
  * **Jonathan Haack**
  * **Haack's Networking**
  * **netcmnd@jonathanhaack.com** 

-------------------------------------------

Generate keys

  ssh-keygen
  
Send your public key to trusted parties by copying the output below.  Code Talkers should email them to [[mailto:netcmnd@jonathanhaack.com|netcmnd]]

  cd ~/.ssh/
  cat id_rsa.pub
  
If you emailed me your key, I can add you to the Code Talkers Hacking Club Git Lab.  Now, you should enable your digital ocean vps for ssh as follows

  ssh-copy-id username@xxx.xxx.xxx.xxx
  
That's it - you should now no longer need to enter your password.  If this is not working, check your configuration using the commands below and try again.  You might need to enable public key authentication.

  cd /etc/ssh/
  sudo nano sshd_config
  sudo systemctl restart sshd.service
  sudo systemctl restart ssh.service

Keep those public and private key pairs protected.  If you did not change anything, they have the permissions below.  But we all make mistakes!

  chmod 700 ~/.ssh 
  chmod 644 ~/.ssh/id_rsa.pub
  chmod 600 ~/.ssh/id_rsa
  chmod 755 ~/

Using with screen ... more later

  ssh -t xx.xx.xx.xx screen -DRO
  
config options for /etc/ssh/sshd_config
  
  Port 53535
  PubkeyAuthentication yes
  PasswordAuthentication no
  PermitRootLogin prohibit-password
  Protocol 2
  AllowUsers sally
  AllowUsers johnny
  PermitEmptyPasswords no
  X11Forwarding yes
  PrintMotd yes
  ChallengeResponseAuthentication no
  UsePAM yes
  
Then, always restart the service
  
  sudo systemctl restart sshd.service
  



 --- //[[jonathan@haacksnetworking.com|oemb1905]] 2021/10/15 11:53//