Restrict SSH login to only the public key method in Ubuntu
nano /etc/ssh/sshd_config
PermitRootLogin prohibit-password PasswordAuthentication no PubkeyAuthentication yes
systemctl restart sshd
nano /etc/ssh/sshd_config
PermitRootLogin prohibit-password PasswordAuthentication no PubkeyAuthentication yes
systemctl restart sshd
Add your public key to the authorized keys file on remote server. To add you keys to the file, you can use the following command:
cat ~/id_rsa.pub >> ~/.ssh/authorized_keys
If you do not have the folder ~/.ssh/authorized_keys
, you can create this with the following commands:
mkdir -p ~/.ssh touch ~/.ssh/authorized_keys
References
https://medium.com/@williamkwao/how-to-add-ssh-keys-to-an-ubuntu-server-6a3a5b1bee26
sudo apt install fail2ban -y
sudo systemctl enable fail2ban sudo systemctl start fail2ban
sudo systemctl status fail2ban
Configuring Fail2ban
sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail. Local
sudo nano /etc/fail2ban/jail. Local
References
https://www.howtoforge.com/how-to-install-fail2ban-on-ubuntu-22-04/
Error while using port forwarding on SSH : Cannot assign requested address
You can force the use of IPv4 on the commandline with the -4
switch:
ssh -4 -L 8080:127.0.0.1:80 dev.local
References
https://www.electricmonk.nl/log/2014/09/24/ssh-port-forwarding-bind-cannot-assign-requested-address/
https://www.putorius.net/force-ssh-client-to-use-ipv4-or-ipv6.html
# Keys need to be only readable chmod 400 ~/.ssh/id_rsa
Keys need to be read-writable chmod 600 ~/.ssh/id_rsa
References
https://stackoverflow.com/questions/9270734/ssh-permissions-are-too-open-error
localhost
host1
is accessible to localhost
host2
only accepts connections from host1
localhost
to host2
You basically have three possibilities:
localhost
to host1
:
ssh -L 9999:host2:1234 -N host1
As noted above, the connection from host1
to host2
will not be secured.
localhost
to host1
and from host1
to host2
:
ssh -L 9999:localhost:9999 host1 ssh -L 9999:localhost:1234 -N host2
This will open a tunnel from localhost
to host1
and another tunnel from host1
to host2
. However the port 9999
to host2:1234
can be used by anyone on host1
. This may or may not be a problem.
localhost
to host1
and from localhost
to host2
:
ssh -L 9998:host2:22 -N host1
ssh -L 9999:localhost:1234 -N -p 9998 localhost
This will open a tunnel from localhost
to host1
through which the SSH service on host2
can be used. Then a second tunnel is opened from localhost
to host2
through the first tunnel.
Normally, I’d go with option 1. If the connection from host1
to host2
needs to be secured, go with option 2. Option 3 is mainly useful to access a service on host2
that is only reachable from host2
itself.
References
https://superuser.com/questions/96489/an-ssh-tunnel-via-multiple-hops
Start adb daemon on remote device
adb devices
$ adb devices * daemon not running. starting it now on port 5037 * * daemon started successfully * List of devices attached 5200fe4259bcc000 device
do client to server port forwarding using ssh on port 5037
References
https://dontbelievethebyte.github.io/articles/2015/01/15/debug-remotely-on-android-via-ssh-tunnel/
https://developer.android.com/studio/command-line/adb
https://stackoverflow.com/questions/2604727/how-can-i-connect-to-android-with-adb-over-tcp
scp <source> <destination>
To copy a file from B to A while logged into B:
scp /path/to/file username@a:/path/to/destination
To copy a file from B to A while logged into A:
scp username@b:/path/to/file /path/to/destination
rsync -avz -e 'ssh -p 22002' /root/backup/monitoring_201909280430 [email protected]:/root/backup/
Start a new session
tmux tmux new tmux new-session
Start a new session with the name mysession
tmux new -s mysession
kill/delete session mysession
tmux kill-session -t mysession
kill/delete all sessions but the current
tmux kill-session -a
kill/delete all sessions but mysession
tmux kill-session -a -t mysession
Show all sessions
tmux ls tmux list-sessions
Attach to a session with the name mysession
tmux a -t mysession tmux at -t mysession tmux attach -t mysession tmux attach-session -t mysession
Rename session
Ctrl + b $
Detach from session
Ctrl + b d
Create window
Ctrl + b c
Rename current window
Ctrl + b ,
Close current window
Ctrl + b &
Previous window
Ctrl + b p
Next window
Ctrl + b n
Switch/select window by number
Ctrl + b 0 ... 9
Scroll
Ctrl-b [ # Press q to quit scroll mode
Ctrl-b PgUp
References
https://tmuxcheatsheet.com/
https://gist.github.com/MohamedAlaa/2961058