dir  Raspian Secure Shell (SSH)

Secure Shell (SSH) is a protocol that allows a user to connect to a computer from a remote location securely. The remote computer can also be a wi-fi connected tablet or phone on a cell network. The user must authenticate themselves with either a password or an authentication certificate. With SSH, a user can execute terminal commands, or run applications remotely, as well as execute file transfers with SFTP profocol. SSH is secure because an encrypted tunnel is created between two computers before any passwords are transmitted.

Before a computer can be reached remotely, it must first be set up as an SSH Server. Several SSH Server applications are available. One such application/program is: openssh-server. To install openssh-server type the command below:

sudo apt-get install openssh-server

After openssh-server has installed, a configuration file will populate at location:

/etc/ssh/sshd_config/

Some things to note in this config file are:

1. What port number is being used? The standard SSH port is 22, but this can be changed to any unused port number.

2. Is password authentication: yes or no? Select no if certificate authentication is being used.

If using certificate authentication, then create a directory on the server computer, in which to store public keys, for each user at: /etc/ssh using this command:

sudo mkdir /etc/ssh/pi

or

sudo mkdir /etc/ssh/username

Inside this dirctory create a file called: authorized_keys. Use this command:

sudo touch /etc/ssh/pi/authorized_keys

Now each remote computer/tablet/cell phone will need to have RSA keys (Both a public key and a private key ) generated. The public keys from each remote device will need to be copied and pasted to the /etc/ssh/pi/authorized_keys file on the SSH Server. This file can hold numerous keys from a variety of possible remote computers.

The configuration file is now complete on the SSH Server. The server must now be restarted. Use this command:

sudo service ssh restart

SSH can be used to browse from a remote computer. The remote computer browser is set up to use 127.0.0.1 (localhost) and port 8080. The command begin SSH and to use a socks server is:

ssh -C -D 8080 -p 22 [ssh_server]

It is also possible to transfer files from one computer to another using secure copy or scp. The command to transfer a file, first change to the directory with the needed file. The execute the following command:

scp -P 22 -i /home/user/.ssh/id_rsa filename user@website.com:/directory/to/add/file/to

Next: Generating Authentation Certificates

Webmaster: hardyjc@yahoo.com