Differences

This shows you the differences between two versions of the page.

--- tools:ssh [2025/09/09 21:30] – Humphrey Boa-Gart
+++ tools:ssh [2025/09/30 22:44] (current) – external edit 127.0.0.1
@@ Line 13: / Line 13: @@
 ===== Implementations =====
-==== Linux ====
+==== Linux, BSD & MacOS ====
-Most Linux distros come with [[https://www.openssh.com/|OpenSSH]], a package which has both an SSH client and a server. To make an SSH connection in your [[tools:bash|terminal]], run the ''ssh'' command against a domain or IP address, and when prompted give your password:
+MacOS and most *nix distros come with [[https://www.openssh.com/|OpenSSH]]. To make an SSH connection in your [[tools:bash|terminal]], run the ''ssh'' command against a domain or IP address, and when prompted give your password:
-  $ ssh user@domain.com
+  $ ssh username@domain.com
   or
-  $ ssh user@123.123.123.123
+  $ ssh username@123.123.123.123
@@ Line 39: / Line 39: @@
 SSH can be further secured by using **public/private key pairs** instead of plaintext passwords. To generate them, use the ''ssh-keygen'' command:
-  $ ssh-keygen -t ed25519 -C "youremail@domain.com"
+  $ ssh-keygen -t ed25519 -C "youremail@domain.com" -f ~/.ssh/keys/name_of_key
-Fill in the prompts, and it will generate a key pair. Insert the public key (ending in ''.pub'') into your remote user's ''.ssh/authorized_keys'' file. Then insert the path to the private key in your local user's ''.ssh/config'' file, as detailed below.
+Fill in the prompts, and it will generate a key pair. Use the ''ssh-copy-id'' command to insert the public key into the remote user's ''.ssh/authorized_keys'' file:
+  $ ssh-copy-id -i ~/.ssh/keys/name_of_key.pub username@domain.com
+To do this manually, just use a text editor to copy the contents of the public key (ending in ''.pub'') into your remote user's ''.ssh/authorized_keys'' file.
+Once that is done, insert the path to the private key in your local user's ''.ssh/config'' file, as detailed below.
@@ Line 79: / Line 85: @@
 ===== Other Key Uses ====
-The same key pairs generated by ''ssh-keygen'' or PuTTYgen can be used for things beyond remote terminals. For example, Github supports the use of key pairs for pushing updates to repos. Some services might not support ed25519-based keys. To generate a 4096 bit RSA key with ''ssh-keygen'', run:
+The same key pairs generated by ''ssh-keygen'' or PuTTYgen can be used for things beyond remote terminals. For example, Github supports the use of key pairs for pushing updates to repos.
+Some services might not support ed25519-based keys. To generate a more widely-compatible 4096 bit RSA key, run:
   $ ssh-keygen -t rsa -b 4096 -C "youremail@domain.com"
+===== File Transfer over SSH =====
+You can also use SSH to securely transfer files between machines, using the built-in ''sftp'' command. Read our [[tools:sftp|SFTP manual]] for more information on how to do this.
+===== Running SSH Servers =====
+[[https://www.openssh.com/|OpenSSH]], the package that provides MacOS and most Linux distros with their SSH client, also includes a separate SSH server application. Most servers will have this service preconfigured as a daemon, as there would be no way to log in to the machine without it. If you wish to build your own SSH server there are many options, but OpenSSH is the most well-known and widely supported.
+Make sure to install and configure [[tools:ufw|ufw]] and [[tools:fail2ban|fail2ban]] if you have an SSH server that is accessible to the open internet!
 {{tag>Tools Shells Tunneling}}

User Tools

Site Tools

Differences