SSH
SSH port forwarding
Single Local Port
ssh <user>@server -L <localPort>:<server>:<port>
Dynamic Local Port
ssh <user>@server -D <localIP>:<localPort>
SSH no host check
ssh <user>@server -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null
Create SSH key pair
ssh-keygen -t ed25519 -C "<key comment>" -f ~/.ssh/<keyname>
- -t = algorithm. Possible values: rsa, dsa, ecdsa, ed25519
- -C = comment at the end of public key file
- -f = filename
- -b = key size in bits. For rsa and ecdsa.
Create SSH key pair with Yubikey
Prerequisites:
- openssh v8.2+
- yubikey fw v5.2.3+
- libfido2 lib installed on client
Check openssh version.
ssh -V
Check yubikey version.
lsusb -v 2>/dev/null | grep -A2 Yubico | grep "bcdDevice" | awk '{print $2}'
Create the key-pair
ssh-keygen -o -a 100 -t ed25519-sk -C "<key comment>" -f ~/.ssh/<keyname>
Change key comment
ssh-keygen -c -C "<key comment>" -f ~/.ssh/<keyname>
Change passphrase
ssh-keygen -p -f ~/.ssh/<keyname>
GIT Specify Key
Edit ~/.ssh/config and add a section like the following:
Host ssh.dev.azure.com
    HostName ssh.dev.azure.com
    IdentityFile ~/.ssh/<publicKeyFile>
    IdentitiesOnly yes
Redhat custom port
Edit /etc/ssh/sshd_config and add the lines (uncomment port 22)
Port 22
Port 1234
Restart sshd to activate the changes. You will not be able to use the custom port yet, though, because SELinux is blocking it.
Add the port
semanage port -a -t ssh_port_t -p tcp 1234
List ports with
semanage port -l|grep ssh_port_t
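The mismatch described above (a Port line in sshd_config that SELinux has not labelled ssh_port_t) can be checked before restarting sshd. This is an added example, not part of the original page; the function names and the sample data are constructed, and it assumes whitespace-separated "Port N" lines.

```shell
#!/bin/sh
# Added example (not from the original page): list sshd_config ports that
# SELinux has not labelled ssh_port_t, i.e. ports sshd would fail to bind.

# unlabelled_ports SSHD_CONFIG SEMANAGE_LISTING
#   SEMANAGE_LISTING is a file holding the output of `semanage port -l`.
#   Prints one port per line; prints nothing when every port is labelled.
#   Assumption: whitespace-separated "Port N" lines; "Port=N" is not parsed.
unlabelled_ports() {
    awk '
        # First file: keep the tcp entries of ssh_port_t ("1234, 22" or "a-b").
        FILENAME == ARGV[1] {
            if ($1 == "ssh_port_t" && $2 == "tcp")
                for (i = 3; i <= NF; i++) {
                    p = $i; gsub(/,/, "", p)
                    if (p != "") allowed[++n] = p
                }
            next
        }
        # Second file: active Port directives (keyword is case-insensitive,
        # "#Port 22" is a comment and never matches).
        tolower($1) == "port" && $2 ~ /^[0-9]+$/ {
            ok = 0
            for (j = 1; j <= n; j++) {
                split(allowed[j], r, "-")
                lo = r[1] + 0; hi = (r[2] == "" ? lo : r[2] + 0)
                if ($2 + 0 >= lo && $2 + 0 <= hi) ok = 1
            }
            if (!ok) print $2
        }
    ' "$2" "$1"
}

# demo: run the check on constructed sample data (no root, no semanage needed).
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' '#Port 22' 'Port 22' 'Port 1234' > "$d/sshd_config"
    printf '%s\n' 'http_port_t    tcp    80, 81, 443' \
                  'ssh_port_t     tcp    22' > "$d/ports"
    unlabelled_ports "$d/sshd_config" "$d/ports"
    rm -rf "$d"
}

demo    # prints 1234
```

On a real host, save the output of semanage port -l to a file and pass it as the second argument together with /etc/ssh/sshd_config as the first.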
network/ssh.txt · Last modified: 2024/11/29 20:27 by rene