Start Windows SSH Agent
Open PowerShell as Administrator.
Get-Service -Name ssh-agent | Set-Service -StartupType Automatic Start-Service ssh-agent
Tag: ssh
Automatically Add SSH keys to the SSH agent upon Login
You can configure your SSH client to automatically add your key when making an SSH connection.
- Edit or create the SSH configuration file:
nano ~/.ssh/config
- Add the following configuration:
Host * AddKeysToAgent yes IdentityFile ~/.ssh/id_rsaAgain, replace
~/.ssh/id_rsawith the path to your SSH key if necessary. - Save and close the file.
This will automatically add your SSH key to the agent whenever you initiate an SSH connection.
Restrict SSH login to only the public key method in Ubuntu
nano /etc/ssh/sshd_config
PermitRootLogin prohibit-password PasswordAuthentication no PubkeyAuthentication yes
systemctl restart sshd
Add SSH keys to an Ubuntu Server
Add your public key to the authorized keys file on remote server. To add you keys to the file, you can use the following command:
cat ~/id_rsa.pub >> ~/.ssh/authorized_keys
If you do not have the folder ~/.ssh/authorized_keys , you can create this with the following commands:
mkdir -p ~/.ssh touch ~/.ssh/authorized_keys
References
https://medium.com/@williamkwao/how-to-add-ssh-keys-to-an-ubuntu-server-6a3a5b1bee26
Install Fail2ban on Ubuntu 22.04
sudo apt install fail2ban -y
sudo systemctl enable fail2ban sudo systemctl start fail2ban
sudo systemctl status fail2ban
Configuring Fail2ban
sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail. Local
sudo nano /etc/fail2ban/jail. Local
References
https://www.howtoforge.com/how-to-install-fail2ban-on-ubuntu-22-04/
Force SSH Client to Use IPv4 Only
Error while using port forwarding on SSH : Cannot assign requested address
You can force the use of IPv4 on the commandline with the -4 switch:
ssh -4 -L 8080:127.0.0.1:80 dev.local
References
https://www.electricmonk.nl/log/2014/09/24/ssh-port-forwarding-bind-cannot-assign-requested-address/
https://www.putorius.net/force-ssh-client-to-use-ipv4-or-ipv6.html
“Permissions 0777 for ‘id_rsa’ are too open” Error for SSH private Key
# Keys need to be only readable chmod 400 ~/.ssh/id_rsa
Keys need to be read-writable chmod 600 ~/.ssh/id_rsa
References
https://stackoverflow.com/questions/9270734/ssh-permissions-are-too-open-error
tunnel via multiple hops in SSH
- I am working locally on
localhost host1is accessible tolocalhosthost2only accepts connections fromhost1- I need to create a tunnel from
localhosttohost2
You basically have three possibilities:
- Tunnel from
localhosttohost1:ssh -L 9999:host2:1234 -N host1As noted above, the connection from
host1tohost2will not be secured. - Tunnel from
localhosttohost1and fromhost1tohost2:ssh -L 9999:localhost:9999 host1 ssh -L 9999:localhost:1234 -N host2This will open a tunnel from
localhosttohost1and another tunnel fromhost1tohost2. However the port9999tohost2:1234can be used by anyone onhost1. This may or may not be a problem. - Tunnel from
localhosttohost1and fromlocalhosttohost2:ssh -L 9998:host2:22 -N host1 ssh -L 9999:localhost:1234 -N -p 9998 localhostThis will open a tunnel from
localhosttohost1through which the SSH service onhost2can be used. Then a second tunnel is opened fromlocalhosttohost2through the first tunnel.
Normally, I’d go with option 1. If the connection from host1 to host2 needs to be secured, go with option 2. Option 3 is mainly useful to access a service on host2 that is only reachable from host2 itself.
References
https://superuser.com/questions/96489/an-ssh-tunnel-via-multiple-hops
Debug Remotely on Android using adb via SSH Tunnel
Start adb daemon on remote device
adb devices
$ adb devices * daemon not running. starting it now on port 5037 * * daemon started successfully * List of devices attached 5200fe4259bcc000 device
do client to server port forwarding using ssh on port 5037
References
https://dontbelievethebyte.github.io/articles/2015/01/15/debug-remotely-on-android-via-ssh-tunnel/
https://developer.android.com/studio/command-line/adb
https://stackoverflow.com/questions/2604727/how-can-i-connect-to-android-with-adb-over-tcp
Copy files from one machine to another using ssh
scp <source> <destination>
To copy a file from B to A while logged into B:
scp /path/to/file username@a:/path/to/destination
To copy a file from B to A while logged into A:
scp username@b:/path/to/file /path/to/destination