SSH Keys and Configurations


                     Chris Hales
What is SSH?


Secure Shell aka SSH is a secure encrypted communication protocol
designed to replace older insecure protocols like telnet, rsh, and ftp.

SSH authentication can be done with a username and password
combination which is the default. Here's the most simplistic usage we might
encounter.
$ ssh user@secureserver
After you connect to secureserver you are normally asked for your
password to complete the login.

When you start doing this over and over again for many systems with
various passwords it can become pretty tedious. What if there was a way to
simplify the process?

Time for SSH Keys to save the day!
Enter SSH Keys!


SSH can be configured to use key pairs so that you don't have to type your
password in every time you need to log into a commonly accessed
system. Your public key is placed on all systems you wish to access using
your private key.

There are a lot of technical details surrounding public-key cryptography, but
for our purposes all you really need to know is that it's a really secure way
of proving who you are to a third party system.

Let's begin with creating your key pair if you don't already have one. Mac
and Linux setup is basically identical. For Windows you will need PuTTY and
PuTTYgen installed.
Key Creation for Windows


For Windows users I'm cheating and sending you to an excellent
PuTTYgen how-to which includes key pair creation.

http://theillustratednetwork.mvps.org/Ssh/Private-publicKey.html
Key Creation for Mac/Linux


On Unix-like systems (Ubuntu, OSX, etc.) we'll need to go through a few
steps. Fortunately it's likely you already have an SSH directory, because if
you have ever used SSH one was created for you.

Open up a terminal window and check your home directory for a hidden
.ssh directory.
$ cd ~/.ssh
If you receive a "no such file or directory" type of error message you have
not used SSH and certainly don't have a key installed on your system.

Next we'll create a set of keys which will create the file structure we need
for us automatically.
Key Creation for Mac/Linux


When you create an SSH key pair you want to enter a strong passphrase
when prompted to do so*. While you could skip the passphrase, doing so would
let anyone who can access the key file use it. Your key is valuable
and it should be protected at all costs.

Let's create a strong 2048-bit RSA key with your email address included.
$ ssh-keygen -t rsa -b 2048 -C "user@domain.com"
You will be asked for a few options and you can leave those as their
defaults, but when asked for a passphrase choose a solid one.

* A common practice when using SSH keys is to omit a passphrase
because the default setup requires that you enter your passphrase each
time you use your key which is seemingly the same as typing a password at
login each time. Further in we'll cover how to work around this so you only
need to enter your passphrase once per session.
Key Creation for Mac/Linux


Once your key is created you should see some new files which
were indicated during your key generation.
$ cd ~/.ssh
$ ls
~/.ssh/id_rsa
This is your private key file that ssh will read by default when a login
attempt is made. You can have multiple keys, i.e. id_otherkey.
~/.ssh/id_rsa.pub
This is your public key file for authentication. The contents of this file should
be added to ~/.ssh/authorized_keys on all machines where you wish
to login using key authentication. There is no need to keep the contents of
this file secret.
Key Creation for Mac/Linux


To use your shiny new key on a server you need to copy your public key
over to the authorized_keys file. A simple copy/paste is usually not safe,
since even a stray return will break a key file, and OSX doesn't include the
ssh-copy-id utility, so we'll have to do some magic.
$ ssh user@174.143.170.119 -p 7022 "umask 077; mkdir -p .ssh; cat >> .ssh/authorized_keys" < ~/.ssh/id_rsa.pub
Now you should be able to authenticate to the server with your key.
$ ssh user@174.143.170.119 -p 7022
If all is right in the world you will be asked for your key passphrase and not
your server password.

Success! :)

Failure :( contact Chris.
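
What the server side of that copy step should guarantee, written out as an added example (not part of the original slides): the key is rejected if a stray return has split it, the directory and file end up private, and running it twice does not add a duplicate entry. The helper names is_single_pubkey and install_pubkey are hypothetical, and the key below is constructed sample text, not a real key.

```shell
#!/bin/sh
# Added example: install a public key into authorized_keys defensively.
# Helper names are hypothetical; they operate on a home directory given as $2.

# is_single_pubkey FILE -> 0 only if FILE holds exactly one well-formed key line.
is_single_pubkey() {
    keyfile=$1
    [ -r "$keyfile" ] || return 1
    # A key broken in two by a stray return shows up as two non-empty lines.
    lines=$(grep -c . "$keyfile" || true)
    [ "$lines" -eq 1 ] || return 1
    # Field 1 is the key type, field 2 the base64 blob, the rest is the comment.
    # Only the common key types are recognised here (a simplification).
    awk 'NF {
             if ($1 ~ /^(ssh-rsa|ssh-ed25519|ecdsa-sha2-nistp(256|384|521))$/ &&
                 NF >= 2 && $2 ~ "^[A-Za-z0-9+/]+=*$") ok = 1
         }
         END { exit !ok }' "$keyfile"
}

# install_pubkey PUBFILE HOME_DIR -> appends the key once, with private modes.
install_pubkey() {
    pub=$1
    home_dir=$2
    if ! is_single_pubkey "$pub"; then
        echo "rejecting $pub: not a single public key line" >&2
        return 2
    fi
    (
        umask 077                          # same intent as the one-liner above
        mkdir -p "$home_dir/.ssh" || exit 1
        auth="$home_dir/.ssh/authorized_keys"
        touch "$auth" || exit 1
        chmod 700 "$home_dir/.ssh"         # tighten a pre-existing directory
        chmod 600 "$auth"                  # and a pre-existing file
        # Compare type + blob only, so a changed comment is not a new key.
        key=$(awk 'NF { print $1, $2; exit }' "$pub")
        if awk -v k="$key" '{ for (i = 1; i < NF; i++)
                                  if (($i " " $(i + 1)) == k) found = 1 }
                            END { exit !found }' "$auth"; then
            exit 0                         # already installed
        fi
        # Make sure the last existing entry ends with a newline before appending.
        if [ -s "$auth" ] && [ -n "$(tail -c 1 "$auth")" ]; then
            echo >> "$auth"
        fi
        awk 'NF { print; exit }' "$pub" >> "$auth"
    )
}

# Demo in a scratch directory with a constructed key (not a real account).
demo_dir=$(mktemp -d)
printf '%s\n' 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCconstructedSampleOnly user@domain.com' \
    > "$demo_dir/id_rsa.pub"
install_pubkey "$demo_dir/id_rsa.pub" "$demo_dir/home" && ls -l "$demo_dir/home/.ssh"
rm -rf "$demo_dir"
```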
SSH Agent


Entering your passphrase on every login defeats the intent of using keys.
ssh-agent will take care of the pesky prompts. Under OSX it runs by default
so you will even get a popup asking you to save your passphrase to the
keychain. Once you save it you will never be asked again on your local
system.

For Linux it's a little more complex. You will need to add a script to your
~/.profile file or you can execute a couple of short commands. The following
will start up the ssh-agent and then allow ssh-add to pick up on the variables
and it will hold your key for an entire session. Please note the back ticks
around ssh-agent.
$ eval `ssh-agent`
$ ssh-add
You will be prompted for your passphrase one time but not again
during the same session.
SSH Config


We've got new keys and we can access some servers with them. We're still
doing a lot of typing though. e.g.
$ ssh user@174.143.170.119 -p 7022
Wouldn't it be nice if we could convert that into a short simple easy to
remember command like the following?
$ ssh staging
We can! Using a user-configurable ssh config file you can create aliases for
commonly accessed systems. Just create a config file using your favorite
editor and add it to your .ssh directory.
$ nano -w ~/.ssh/config
Host staging
    User <your-username>
    Hostname 174.143.170.119
    Port 7022
SSH Config


There are a number of things you can do inside the ssh config file but
aliases/bookmarks are probably the most common entries you will run into
or need for yourself. Here's the basic entry for our staging example.
Host staging
    User <your-username>
    Hostname 174.143.170.119
    Port 7022
This creates an alias to the 174.143.170.119 server with our user and port
options. The "Host" line is the alias name we assign. Now calling the
following will start an ssh session for ssh user@174.143.170.119 -p 7022.
$ ssh staging
The End


That's it. You are now an ssh wizard and can work both conveniently and
securely. Keep your keys safe but if they are ever lost or you suspect an
issue notify an admin quickly.

To be really useful you will want to add your current private key or create a
new key for staging. Because of permission issues however you may need
a hand setting things up correctly.
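
A check for the permission problems mentioned above, as an added example that is not part of the original slides: the ssh client refuses a private key that group or others can read, and both the client (for config) and sshd's default StrictModes (for the directory and authorized_keys) reject files writable by group or others. The function names mode_of and audit_ssh_dir are hypothetical, the sample files are constructed, and ownership is not checked.

```shell
#!/bin/sh
# Added example: audit an .ssh directory for modes that ssh or sshd will reject.
# Function names are hypothetical; file ownership is not checked here.

# mode_of PATH -> the nine permission characters from ls, e.g. rwx------
mode_of() {
    ls -ld "$1" | cut -c2-10
}

# audit_ssh_dir DIR -> prints one finding per line; returns 0 if clean, 1 if not.
audit_ssh_dir() {
    dir=$1
    bad=0
    if [ ! -d "$dir" ]; then
        echo "$dir: not a directory"
        return 1
    fi
    # The directory, authorized_keys and config must not be writable by
    # group (5th permission character) or others (8th).
    for f in "$dir" "$dir/authorized_keys" "$dir/config"; do
        [ -e "$f" ] || continue
        case $(mode_of "$f") in
            ????w????|???????w?)
                echo "$f: writable by group or others ($(mode_of "$f"))"
                bad=1 ;;
        esac
    done
    # Private keys (recognised by their PEM-style header) must carry no
    # group or other permission bits at all.
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        head -n 1 "$f" | grep -q 'PRIVATE KEY-----' || continue
        case $(mode_of "$f") in
            ???------) ;;
            *)
                echo "$f: private key accessible beyond its owner ($(mode_of "$f"))"
                bad=1 ;;
        esac
    done
    return "$bad"
}

# Demo on constructed files in a scratch directory (no real key material).
demo=$(mktemp -d)
mkdir "$demo/.ssh"
printf '%s\n' '-----BEGIN OPENSSH PRIVATE KEY-----' 'constructed' \
    '-----END OPENSSH PRIVATE KEY-----' > "$demo/.ssh/id_rsa"
chmod 644 "$demo/.ssh/id_rsa"
audit_ssh_dir "$demo/.ssh" || echo "tighten with: chmod 700 ~/.ssh; chmod 600 ~/.ssh/id_rsa"
rm -rf "$demo"
```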

SSH how to 2011

  • 1. SSH Keys and Configurations Chris Hales
  • 2. What is SSH? Secure Shell aka SSH is a secure encrypted communication protocol designed to replace older insecure protocols like telnet, rsh, and ftp.
  • 3. What is SSH? Secure Shell aka SSH is a secure encrypted communication protocol designed to replace older insecure protocols like telnet, rsh, and ftp. SSH authentication can be done with a username and password combination which is the default. Here's the most simplistic usage we might encounter. $ ssh user@secureserver After you connect to secureserver you are normally asked for your password to complete the login.
  • 4. What is SSH? Secure Shell aka SSH is a secure encrypted communication protocol designed to replace older insecure protocols like telnet, rsh, and ftp. SSH authentication can be done with a username and password combination which is the default. Here's the most simplistic usage we might encounter. $ ssh user@secureserver After you connect to secureserver you are normally asked for your password to complete the login. When you start doing this over and over again for many systems with various paswords it can become pretty tedious. What if there was a way to simplify the process? Time for SSH Keys to save the day!
  • 6. Enter SSH Keys! SSH can be configured to use key pairs so that you don't have to type your password in every time you need to log into a commonly accessed system. Your public key is placed on all systems you wish to access using your private key. There are a lot of technical details surrounding public-key cryptography, but for our purposes all you really need to know is that it's a really secure way of proving who you are to a third-party system. Let's begin with creating your key pair if you don't already have one. Mac and Linux setup is basically identical. For Windows you will need PuTTY and PuTTYgen installed.
  • 7. Key Creation for Windows For Windows users I'm cheating and sending you to an excellent PuTTYgen how-to which includes key pair creation. http://theillustratednetwork.mvps.org/Ssh/Private-publicKey.html
  • 9. Key Creation for Mac/Linux On Unix-like systems (Ubuntu, OSX, etc.) we'll need to go through a few steps. Fortunately it's likely you already have an SSH directory, because if you have ever used SSH one was created for you. Open up a terminal window and check your home directory for a hidden .ssh directory.
      $ cd ~/.ssh
    If you receive a "no such file or directory" type of error message, you have not used SSH and certainly don't have a key installed on your system. Next we'll create a set of keys, which will create the file structure we need for us automatically.
  • 11. Key Creation for Mac/Linux When you create an SSH key pair you want to enter a strong passphrase when prompted to do so*. While you could skip the passphrase, anyone who can access the key file would then be able to use it. Your key is valuable and it should be protected at all costs. Let's create a strong 2048 bit RSA key with your email address included.
      $ ssh-keygen -t rsa -b 2048 -C "<your-email-address>"
    You will be asked for a few options and you can leave those as their defaults, but when asked for a passphrase choose a solid one.
    * A common practice when using SSH keys is to omit a passphrase, because the default setup requires that you enter your passphrase each time you use your key, which is seemingly the same as typing a password at login each time. Further in we'll cover how to work around this so you only need to enter your passphrase once per session.
  • 12. Key Creation for Mac/Linux Once your key is created you should see some new files which were indicated during your key generation.
      $ cd ~/.ssh
      $ ls
    ~/.ssh/id_rsa
      This is your private key file that ssh will read by default when a login attempt is made. You can have multiple keys, i.e. id_otherkey.
    ~/.ssh/id_rsa.pub
      This is your public key file for authentication. The contents of this file should be added to ~/.ssh/authorized_keys on all machines where you wish to login using key authentication. There is no need to keep the contents of this file secret.
  • 16. Key Creation for Mac/Linux To use your shiny new key on a server you need to copy your public key over to the authorized_keys file. It's usually not safe to try to do a simple copy/paste, since even a stray return will break a key file, and OSX doesn't contain the ssh-copy-id utility, so we'll have to do some magic.
      $ ssh <your-username>@174.143.170.119 -p 7022 "umask 077; cat >> .ssh/authorized_keys" < ~/.ssh/id_rsa.pub
    Now you should be able to authenticate to the server with your key.
      $ ssh <your-username>@174.143.170.119 -p 7022
    If all is right in the world you will be asked for your key passphrase and not your server password. Success! :) Failure :( Contact Chris.
  • 18. SSH Agent Entering your passphrase on every login defeats the intent of using keys. ssh-agent will take care of the pesky prompts. Under OSX it runs by default, so you will even get a popup asking you to save your passphrase to the keychain. Once you save it you will never be asked again on your local system. For Linux it's a little more complex. You will need to add a script to your ~/.profile file, or you can execute a couple of short commands. The following will start up the ssh-agent and then allow ssh-add to pick up on the variables, and it will hold your key for an entire session. Please note the backticks around ssh-agent.
      $ eval `ssh-agent`
      $ ssh-add
    You will be prompted for your passphrase one time but not again during the same session.
  • 20. SSH Config We've got new keys and we can access some servers with them. We're still doing a lot of typing though, e.g.
      $ ssh <your-username>@174.143.170.119 -p 7022
    Wouldn't it be nice if we could convert that into a short, simple, easy to remember command like the following?
      $ ssh staging
    We can! Using a user-configurable ssh config file you can create aliases for commonly accessed systems. Just create a config file using your favorite editor and add it to your .ssh directory.
      $ nano -w ~/.ssh/config
      Host staging
          User <your-username>
          Hostname 174.143.170.119
          Port 7022
  • 21. SSH Config There are a number of things you can do inside the ssh config file, but aliases/bookmarks are probably the most common entries you will run into or need for yourself. Here's the basic entry for our staging example.
      Host staging
          User <your-username>
          Hostname 174.143.170.119
          Port 7022
    This creates an alias to the 174.143.170.119 server with our user and port options. The "Host" line is the alias name we assign. Now calling the following will start an ssh session for ssh <your-username>@174.143.170.119 -p 7022.
      $ ssh staging
  • 22. The End That's it. You are now an ssh wizard and can work both conveniently and securely. Keep your keys safe, but if they are ever lost or you suspect an issue, notify an admin quickly. To be really useful you will want to add your current private key or create a new key for staging. Because of permission issues, however, you may need a hand setting things up correctly.
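
Slide 16 warns that a stray return breaks a key file, and slide 22 mentions permission issues. The function below is an added example, not part of the original slides: `install_pubkey` (a name made up here) is meant to run on the server against a copied id_rsa.pub, rejects a wrapped or multi-line key, creates the directory and file with private permissions, and skips a key that is already present. The sample key in `demo_install` is constructed.

```shell
#!/bin/sh
# install_pubkey PUBKEY_FILE SSH_DIR  (hypothetical helper, not an OpenSSH tool)
# Returns 0 = key added, 3 = key already present, 1 = input rejected.
install_pubkey() {
    pub=$1 dir=$2 auth=$2/authorized_keys
    [ -r "$pub" ] || { echo "cannot read $pub" >&2; return 1; }

    # Strip CRs and blank lines left by copy/paste. A private key, or a key
    # wrapped by a stray return, spans several lines and is rejected here.
    key=$(tr -d '\r' < "$pub" | sed '/^[[:space:]]*$/d')
    n=$(printf '%s\n' "$key" | wc -l | tr -d ' ')
    [ "$n" -eq 1 ] || { echo "expected 1 key line, found $n" >&2; return 1; }

    # Shape of a public key line: "<type> <base64> [comment]".
    printf '%s\n' "$key" | grep -Eq \
        '^(ssh-(rsa|ed25519)|ecdsa-sha2-[a-z0-9-]+) [A-Za-z0-9+/]+=*( .*)?$' \
        || { echo "not a public key line" >&2; return 1; }

    # With StrictModes on, sshd refuses an authorized_keys file that other
    # users can write to, so create both private (umask 077, as on the slide).
    ( umask 077; mkdir -p "$dir" && touch "$auth" ) || return 1
    chmod 700 "$dir" && chmod 600 "$auth" || return 1

    # Compare on "<type> <base64>" so a different comment is not a new key.
    blob=$(printf '%s\n' "$key" | awk '{ print $1 " " $2 }')
    if grep -qF -- "$blob" "$auth"; then return 3; fi

    # Never glue the new key onto an unterminated last line.
    if [ -s "$auth" ] && [ -n "$(tail -c 1 "$auth")" ]; then
        printf '\n' >> "$auth"
    fi
    printf '%s\n' "$key" >> "$auth"
}

# Constructed sample key (not a real key), installed into a scratch directory.
demo_install() {
    tmp=$(mktemp -d) || return 1
    printf 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABconstructedSampleKey user@laptop\r\n\n' \
        > "$tmp/id_rsa.pub"
    install_pubkey "$tmp/id_rsa.pub" "$tmp/.ssh" && cat "$tmp/.ssh/authorized_keys"
    rm -rf "$tmp"
}
```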
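
Slide 18 says Linux users can add a script to ~/.profile but does not show one. The script below is an added example, not taken from the slides: it reuses one ssh-agent across login shells instead of starting a new agent per terminal, and caps how long the unlocked key stays loaded. `AGENT_ENV`, `KEY_LIFETIME` and the function names are assumptions of this example.

```shell
#!/bin/sh
# File that remembers the running agent's socket (hypothetical location).
AGENT_ENV=${AGENT_ENV:-$HOME/.ssh/agent.env}

# ssh-add -l exit status: 0 = agent holds keys, 1 = agent reachable but
# empty, 2 = no agent reachable.
agent_state() {
    rc=0
    ssh-add -l >/dev/null 2>&1 || rc=$?
    echo "$rc"
}

ensure_agent() {
    # 1. An agent inherited from the environment still answers.
    if [ "$(agent_state)" -ne 2 ]; then return 0; fi

    # 2. An agent started by an earlier login shell is still running.
    if [ -r "$AGENT_ENV" ]; then
        . "$AGENT_ENV" >/dev/null
        if [ "$(agent_state)" -ne 2 ]; then return 0; fi
    fi

    # 3. Start a fresh agent and record its socket in a file only we can read.
    ( umask 077; ssh-agent -s > "$AGENT_ENV" ) || return 1
    . "$AGENT_ENV" >/dev/null
}

# Prompt for the passphrase only when the agent holds no key yet; -t makes
# the agent forget the unlocked key after KEY_LIFETIME (default 8 hours).
load_key() {
    [ "$(agent_state)" -eq 0 ] || ssh-add -t "${KEY_LIFETIME:-8h}"
}

# In ~/.profile, after the definitions above:
#   ensure_agent && load_key
```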