
ssh Cheatsheet

Check ssh fingerprint of host

On the host:

  • for file in /etc/ssh/ssh_host_*_key.pub; do ssh-keygen -E md5 -lf "$file"; done

Prevent Timeouts

  • vi ~/.ssh/config
    • Host *
        ServerAliveInterval 60

Make life with non-standard ports easier

  • vi ~/.ssh/config
    • Host myhost.example.com
        Port 4321

Remote command

For staging, skip host key verification (suppresses the spoofing and unknown-host warnings)

  • ssh -o "StrictHostKeyChecking=no" -o "UserKnownHostsFile=/dev/null" user@example.com

Chroot users into their home dir for sftp

https://www.techrepublic.com/blog/linux-and-open-source/chroot-users-with-openssh-an-easier-way-to-confine-users-to-their-home-directories/

Show keys, algorithms and key lengths

  • for keyfile in ~/.ssh/id_*; do ssh-keygen -l -f "${keyfile}"; done | uniq

Upgrade to safer, more recent SSH keys

https://blog.g3rt.nl/upgrade-your-ssh-keys.html

  • ssh-keygen -o -a 100 -t ed25519
  • for keyfile in ~/.ssh/id_*; do ssh-keygen -l -f "${keyfile}"; done | uniq
  • ssh-add -l
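
To decide which of the listed keys need replacing, the output of the key-listing loop above can be piped through a small classifier. This is an added example, not part of the original cheatsheet; the function names, the verdict labels and the size thresholds are assumptions, and the sample lines are constructed.

```shell
#!/bin/sh
# Added example. Input lines have the `ssh-keygen -l` layout:
#   <bits> <hash>:<fingerprint> <comment> (<TYPE>)
# Assumed policy (not from the page): DSA and RSA < 2048 -> REPLACE,
# RSA 2048..3071 -> UPGRADE, ECDSA/Ed25519 and RSA >= 3072 -> OK.

classify_key() {
    line=$1
    bits=${line%% *}          # first field: key length in bits
    type=${line##*"("}        # text after the last "(" ...
    type=${type%")"}          # ... minus the closing ")"
    case $bits in
        ''|*[!0-9]*) echo UNKNOWN; return ;;   # not an ssh-keygen -l line
    esac
    case $type in
        ED25519*|ECDSA*) echo OK ;;
        DSA)             echo REPLACE ;;
        RSA)
            if   [ "$bits" -lt 2048 ]; then echo REPLACE
            elif [ "$bits" -lt 3072 ]; then echo UPGRADE
            else echo OK
            fi ;;
        *) echo UNKNOWN ;;
    esac
}

# Read ssh-keygen -l output on stdin; print "<verdict><TAB><line>".
audit_keys() {
    while IFS= read -r line; do
        [ -n "$line" ] || continue
        printf '%s\t%s\n' "$(classify_key "$line")" "$line"
    done
}

# Constructed sample output (fingerprints are placeholders, not real keys).
sample_keys() {
    cat <<'EOF'
1024 SHA256:CONSTRUCTED-FINGERPRINT-1 alice@oldbox (DSA)
1024 SHA256:CONSTRUCTED-FINGERPRINT-2 alice@oldbox (RSA)
2048 SHA256:CONSTRUCTED-FINGERPRINT-3 alice@laptop (RSA)
256 SHA256:CONSTRUCTED-FINGERPRINT-4 alice (work) (ED25519)
EOF
}

sample_keys | audit_keys
# Real use: for keyfile in ~/.ssh/id_*; do ssh-keygen -l -f "${keyfile}"; done | uniq | audit_keys
```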

Problems with gnome-keyring

Show sshd configuration

  • sshd -T