Posted: . At: 1:52 PM. This was 2 years ago. Post ID: 15997
Page permalink. WordPress uses cookies, or tiny pieces of information stored on your computer, to verify who you are. There are cookies for logged in users and for commenters.
These cookies expire two weeks after they are set.



Sponsored



How to use the SSH protocol to connect to a remote Linux or UNIX machine easily.

by

Using the SSH protocol to connect to a remote Linux or UNIX machine is much more secure than RSH or Telnet by a million miles. Especially if the user is using secure SSH keys. As long as they are protected from theft. Below is a simple SSH session beginning, this is connecting to a remote server over a LAN.

┏━(Message from Kali developers)
┃
┃ This is a minimal installation of Kali Linux, you likely
┃ want to install supplementary tools. Learn how:
┃ ⇒ https://www.kali.org/docs/troubleshooting/common-minimum-setup/
┃
┗━(Run: “touch ~/.hushlogin” to hide this message)
┌──(john㉿DESKTOP-PF01IEE)-[~]
└─$ ssh jason@192.168.1.2
The authenticity of host '192.168.1.2 (192.168.1.2)' can't be established.
ED25519 key fingerprint is SHA256:LwQeGXXSqBviREKL2VaRXzysKiB41YbRftIxnjkoSbA.
This host key is known by the following other names/addresses:
    ~/.ssh/known_hosts:1: [hashed name]
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '192.168.1.2' (ED25519) to the list of known hosts.
[email protected]'s password:

This is using a password to authenticate with the server. This is quite secure as long as the password is very strong.

You may also use the SSH keys feature instead and authenticate using an encrypted key instead of a password.

https://securitronlinux.com/debian-testing/how-to-setup-an-ssh-login-using-host-keys-instead-of-a-password/.

This is how to generate an SSH key for your user.

jason@jason-Lenovo-H50-55:~$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/jason/.ssh/id_rsa): 
Created directory '/home/jason/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/jason/.ssh/id_rsa
Your public key has been saved in /home/jason/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:2tTGHZQ4Ay/kIX2Wwzck+GVtTb3oXpblVsohF96jWXY jason@jason-Lenovo-H50-55
The key's randomart image is:
+---[RSA 3072]----+
|      ..++.+oo oo|
|       +ooXo* + o|
|        o+.B.+.o.|
|         +...o+=E|
|        S + o+=+*|
|       + .   +o+o|
|      . .   . o. |
|             .   |
|                 |
+----[SHA256]-----+

Then append this to the ~/.ssh/authorized_keys file to allow the user to use this new key.

jason@jason-Lenovo-H50-55:~$ cat .ssh/id_rsa.pub >> .ssh/authorized_keys

This is how to create the user`s public key to connect to the server.

jason@jason-Lenovo-H50-55:~$ ssh-keygen -f ~/.ssh/id_rsa.pub -m 'PEM' -e > id_jason.pem

Crack an SSH password with hydra and ways to avoid this in future.

https://securitronlinux.com/bejiitaswrath/crack-a-ssh-password-with-hydra-and-ways-to-avoid-this-in-future/.

To change the port used by the SSH server, use this simple script.

#!/bin/bash -ex
perl -pi -e 's/^#?Port 22$/Port 443/' /etc/ssh/sshd_config
/etc/init.d/ssh restart

This will do it in one simple operation.


Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.