I take some old desktop-pc on my work and install lubuntu.
It hawe 160gb of main hdd where is 25gb to lubuntu.
And hawe some 2x 2tb drives. They auto-mount on startup.
My working laptop is mint 18.2.
Main reason i take it is to create SSH so i can backup data. Local network at work.
At this point i watch some videos and read some basic guides a bouth sshd_config file. apt-get install ssh worked fine. All things as default install.
1. Working in local network.
At my laptop [as normal user] i generate keys with:
Code: Select all
ssh-keygen -t rsaSo i try to login in that machine:
Code: Select all
ssh klaypex-desk@192.168.1.15I connected it and it's fine.
kaylpex-desk now in .ssh folder hawe :cat authorized_key hawe ssh-rsa <lotsOfChar>
-!-
Hint:
When i try: root@192.168.1.15 it denied me no mater of correct password.
When login as non-root i can :sudo -s and then password is accepted and hawe root privileges.
-!-
2.
I run:
Code: Select all
ssh-copy-id klaypex-desk@192.168.1.15 Code: Select all
WARNING: All keys were skipped because they already exist on the remote system.
(if you think this is a mistake, you may want to use -f option)Guesing that is ok! Or shoud i run -f ?
-
Code: Select all
service ssh restart - login as default user works. Ask's me for pass-phrase. I'm fine with that =)
- login as root says:
Code: Select all
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:cyaf5FRF+h19B3Tw+r4k1bLMI5CtBTWFsCFn9Ks1380.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /root/.ssh/known_hosts:1
remove with:
ssh-keygen -f "/root/.ssh/known_hosts" -R 192.168.1.15
ECDSA host key for 192.168.1.15 has changed and you have requested strict checking.
Host key verification failed.I'm interested in little high secure login. At my work i hawe few "all day smart" people which in past i lost some data, due to that "all day smart" acts.
We all know toes people =\.
At this point goals are login on local network. Ill provide sshd_config from laptop and klaypex-desk
- only this laptop can login as root and normal user.
- All others connections fully denied even if user-name and password correct. Guessing that key's are for =)
- Soon in future ill need to access from outside of local network. Just in case if conf file need to leave place for future configuration.
- also hawe fileZila so if there is option to specific allowed me to login.
I upload conf files. Looking at desk pc conf, lots of lines are #. If some with more experience can uncomment it to get that point i mention up on post.
And share some words of wisdom and point/provide usefull articles/guides to SSH =)
klaypex-desk: http://txt.do/do9qg
laptop: http://textuploader.com/do9qz