fachinformatiker-wiki

it's easy when it's here

User Tools

Site Tools

Trace: Nexcloud BIND M/Monit OpenSSH
linux:remote_access:openssh

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
linux:remote_access:openssh [2024/03/12 16:33] – [Regenerate Host Keys] gsyslinux:remote_access:openssh [2026/04/07 23:00] (current) – [Agent] gsys
Line 1: Line 1:
 ====== OpenSSH ====== ====== OpenSSH ======
  
 +===== Permissions =====
 +
 +<code>
 +^ File/Folder             ^ Numeric  ^ Bitwise    ^
 +| ~/.ssh                  | 700      | drwx------ |
 +| ~/.ssh/id_rsa.pub       | 644      | -rw-r--r-- |
 +| ~/.ssh/id_rsa           | 600      | -rw------- |
 +| ~/.ssh/authorized_keys  | 600      | -rw------- |
 +| ~/.ssh/config           | 600      | -rw------- |
 +| ~/                      | 700      | drwx------ |
 +</code>
 ===== Harden SSH Access ====== ===== Harden SSH Access ======
  
Line 36: Line 47:
 sudo rm -v /etc/ssh/ssh_host_*          # delete old host keys sudo rm -v /etc/ssh/ssh_host_*          # delete old host keys
 sudo dpkg-reconfigure openssh-server    # create new set of keys sudo dpkg-reconfigure openssh-server    # create new set of keys
-sudo systemctl restart ssh              # restart service+sudo systemctl restart sshd             # restart service
 </code> </code>
  
 2. Delete old Public Keys from clients known_hosts files 2. Delete old Public Keys from clients known_hosts files
 +
 +===== Agent =====
 +<code>
 +eval "$(ssh-agent -s)"
 +ssh-add -l
 +ssh-add --apple-use-keychain .ssh/id_rsa    # macos
 +</code>
linux/remote_access/openssh.1710257638.txt.gz · Last modified: by gsys