reecefowell/Setup-OpenSSH-on-Ubuntu-14.md

## Setup-OpenSSH-on-Ubuntu-14.md

      
    Raw
  

              Setup-OpenSSH-on-Ubuntu-14.md
            
          
    On Ubuntu 14 machine

Setup SSH files


mkdir ~/.ssh
chmod 700 ~/.ssh
touch ~/.ssh/authorized_keys
chmod 700 ~/.ssh/authorized_keys
touch ~/.ssh/known_hosts
chmod 700 ~/.ssh/known_hosts

Setup keys


ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
eval $(ssh-agent)
ssh-add ~/.ssh/id_rsa
sudo service ssh restart

Backup OpenSSH configuration


cp /etc/ssh/ssh_config /etc/ssh/ssh_config.factory
cp /etc/ssh/sshd_config /etc/shs/sshd_config.factory

Modify the following in the file ~/.ssh/config with contents
ForwardAgent yes

Modify the following in the file /etc/ssh/sshd_config with contents
AuthorizedKeysFile     %h/.ssh/authorized_keys
ChallengeResponseAuthentication no
PasswordAuthentication no
AllowTcpForwarding yes
UsePAM no

Modify the following in the file /etc/ssh/ssh_config with contents
Host *
    # ...
    ForwardAgent yes
    ForwardX11 yes
    PasswordAuthentication no
    PubkeyAuthentication yes

On Host Mac OS X machine, make remote machines identity authorized

scp reece@192.168.218:/home/reece/.ssh/id_rsa.pub ~/.ssh/id_rsa_ubuntu14.pub
cp ~/.ssh/authorized_keys ~/.ssh/authorized_keys_backup
cat ~/.ssh/id_rsa_ubuntu14.pub >> ~/.ssh/authorized_keys

On Host Mac OS X, copy identity to remote machine to authorize identity

scp ~/.ssh/id_rsa.pub reece@192.168.218:/home/reece/.ssh/id_rsa_macpro.pub

On Ubuntu 14

cp ~/.ssh/authorized_keys ~/.ssh/authorized_keys_backup
cat ~/.ssh/id_rsa_macpro.pub >> ~/.ssh/authorized_keys

Use the -vvv option when ssh'ing into the remote machine to check output if authentication is rejected
Sources


https://help.ubuntu.com/lts/serverguide/openssh-server.html
https://help.ubuntu.com/community/SSH/OpenSSH/Keys
https://help.github.com/articles/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent/#platform-linux