Setup-OpenSSH-on-Ubuntu-14.md

On Ubuntu 14 machine

Setup SSH files

• mkdir ~/.ssh
• chmod 700 ~/.ssh
• touch ~/.ssh/authorized_keys
• chmod 700 ~/.ssh/authorized_keys
• touch ~/.ssh/known_hosts
• chmod 700 ~/.ssh/known_hosts

Setup keys

• ssh-keygen -t rsa -b 4096 -C "[email protected]"
• eval $(ssh-agent)
• ssh-add ~/.ssh/id_rsa
• sudo service ssh restart

Backup OpenSSH configuration

• cp /etc/ssh/ssh_config /etc/ssh/ssh_config.factory
• cp /etc/ssh/sshd_config /etc/shs/sshd_config.factory

Modify the following in the file ~/.ssh/config with contents

ForwardAgent yes

Modify the following in the file /etc/ssh/sshd_config with contents

AuthorizedKeysFile     %h/.ssh/authorized_keys
ChallengeResponseAuthentication no
PasswordAuthentication no
AllowTcpForwarding yes
UsePAM no

Modify the following in the file /etc/ssh/ssh_config with contents

Host *
    # ...
    ForwardAgent yes
    ForwardX11 yes
    PasswordAuthentication no
    PubkeyAuthentication yes

On Host Mac OS X machine, make remote machines identity authorized

• scp [email protected]:/home/reece/.ssh/id_rsa.pub ~/.ssh/id_rsa_ubuntu14.pub
• cp ~/.ssh/authorized_keys ~/.ssh/authorized_keys_backup
• cat ~/.ssh/id_rsa_ubuntu14.pub >> ~/.ssh/authorized_keys

On Host Mac OS X, copy identity to remote machine to authorize identity

• scp ~/.ssh/id_rsa.pub [email protected]:/home/reece/.ssh/id_rsa_macpro.pub

On Ubuntu 14

• cp ~/.ssh/authorized_keys ~/.ssh/authorized_keys_backup
• cat ~/.ssh/id_rsa_macpro.pub >> ~/.ssh/authorized_keys

Use the -vvv option when ssh'ing into the remote machine to check output if authentication is rejected

Sources

• https://help.ubuntu.com/lts/serverguide/openssh-server.html
• https://help.ubuntu.com/community/SSH/OpenSSH/Keys
• https://help.github.com/articles/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent/#platform-linux