-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathServer_and_Client.txt
136 lines (98 loc) · 4.21 KB
/
Server_and_Client.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
Content-Type: text/x-zim-wiki
Wiki-Format: zim 0.4
Creation-Date: 2016-12-03T13:49:41+01:00
====== Server and Client ======
Created lørdag 03 december 2016
**# Install the **//openssh//** package. This will have to be installed on both a client or a server machine.**
$ pacman -S openssh
===== Client Usage =====
**# Client side usage**
**# The default SSH port is **//22//
== Usage ==
**# Connecting to a server**
$ ssh -p //<portnumber> <user>//@//<server-address> //**# Note the **//@ //**between user and address.**
== Tips and Tricks ==
**# Run process on the server display output - ex. running **//mplayer//** on your media-server^**
$ DISPLAY=:0 mplayer ///path/to/movie //-fs
== Configuration ==
**# Add/edit **//~/.ssh/config //**This will be referred to as the ssh configuration**
**# Add a global username for all the hosts you visit**
{{{code: lang="texinfo" linenumbers="True"
User <USER_NAME>
}}}
**# Improved performance, add the following to the ssh configuration**
{{{code: lang="texinfo" linenumbers="True"
ControlMaster auto
ControlPersist yes
ControlPath ~/.ssh/sockets/socket-%r@%h:%p
}}}
== Host Aliasses ==
**# To provide an alias for a commonly used host, add the following to the ssh config**
{{{code: lang="texinfo" linenumbers="True"
Host <SERVER_NAME> # Give it a optional name
HostName <SERVER_ADDRESS>
Port <PORT_NUMBER>
}}}
**# You are now able to use alias shortcuts, instead of the full **//ssh user@host//** string**
$ ssh //<SERVER_NAME>//
===== Server Usage =====
**# Server side usage**
== URxvt ==
**# While using URxvt on your local (client) machine, it'll act up connecting to the server.**
**# Binds all messed and what not - To fix this, install **//rxvt-unicode-terminfo //**on the server machine**
$ pacman -S rxvt-unicode-terminfo
== Configuration ==
**# The configuration file can be found in **///etc/ssh/sshd_config //
**#** **Note the "d" **//ssh//**d**_config **(daemon) - This will be referred to as the configuration file **
**# Disable root login, edit the following in the configuration file**
{{{code: lang="texinfo" linenumbers="True"
PermitRootLogin no
}}}
**# Change port number (optional) - default is port 22**
{{{code: lang="texinfo" linenumbers="True"
Port <PORT_NUMBER>
}}}
**# To disable the SSH login (password login) - f.ex. to only use SSH key authentication (See below). **
**# Uncomment and change to **//no//** in the following **
{{{code: lang="texinfo" linenumbers="True"
PasswordAuthentication no
ChallengeResponseAuthentication no
}}}
== SSH key authentication ==
**# The public key, from the client, will have to be located on the server machine.**
**# Say our clients public SSH key is located on our servers home folder **//~///<somekey>//.pub//
**# Create, if it doesn't already exists, a folder at **//~/.ssh//
$ mkdir ~/.ssh
$ chmod 700 ~/.ssh
**# Import the public key, from the client, to the **//authorized_keys//** file **
$ cat ~///<somekey>//.pub >> ~/.ssh/authorized_keys
**# Remove the public key and change the folder permission back to only user-usable**
$ rm ~///<somekey>//.pub
$ chmod 600 ~/.ssh/authorized_keys
==== Starting the daemon ====
**# Starting the server side daemon**
== The easy way ==
**#** **just starting the daemon to constantly be running (preferred option below)**
**# This method might come in handy if you have several (maybe unknown) IPs connecting**
$ systemctl enable sshd.service **# Note the preferred option below!**
== The preferred way ==
**# To only start the daemon process when a allowed connection is incomming, enable the following**
$ systemctl enable sshd.socket
$ systemctl enable sshd@.service
**# Edit your socket file to ONLY allow certain IP-adresses**
$ systemctl edit sshd.socket
**# Add the following - portnumber is the port that the SERVER/HOST is listening for (default 22)**
{{{code: lang="texinfo" linenumbers="True"
[socket]
FreeBind=true
ListenStream= # Add ip and portnumber, ex 192.168.0.1:22
ListenStream=<IP_ADDRESS>:<PORT_NUMBER>
}}}
==== Tips and Tricks ====
**# Some random Tips and Tricks**
== Keep Alive ==
**# To make sure that the SSH server wont log you out, **
**#** **uncomment and change the following in the configuration file**
{{{code: lang="texinfo" linenumbers="True"
ClientAliveInterval 120
}}}