OpenSSH is a suite of software tools for ensuring secure connection between computers on an insecure network. I recently set up my two Ubuntu Desktop machines on my office LAN so that I can connect and transfer files between them without hassle and thought I'd share the setup process here. Most of what I'm sharing here can be found under the Ubuntu Server Guide documentation, but I will be adding a few items of interest in this article.
First we start by installing the client and server software on both machines:
sudo apt install openssh-client
sudo apt install openssh-server
You can now verify that everything works by logging in to the other machine as follows:
ssh username@ipaddress or
Remember to use the username for the account on the other machine not the local machine. You will be prompted for a password in order to login.
The next step is to configure the server daemon by editing the
/etc/ssh/sshd_config file to use cryptographic identity keys to login rather than a password. To enable this uncomment the line:
If you wish to add a login banner with a welcome message, legal or security warnings you can modify the Banner line as follows:
After saving the changes restart the service:
sudo systemctl restart sshd.service
The next step is to generate the public and private keys required for authentication without passwords:
ssh-keygen -t rsa
This will generate two files named
~/.ssh/id_rsa.pub (the public key) and
~/.ssh/id_rsa (the private key). We now how to copy the
id_rsa.pub file to the remote host and append it to
~/.ssh/authorized_keys file. OpenSSH has a utility to do that as follows:
You should now be able to connect using ssh without being prompted for a password. To simplify things even more requiring less typing you can create a <code>~/.ssh/config</code> file with the user and host names or identity file if you wish to manually specify an identity file (private key) as is the case with my cloud server.
I can now logon to my asus machine by simply typing
ssh asus rather than
ssh sammy@asuspro and to my cloud server by typing
ssh mycloud rather than