Tag Archives: ssh

cisco: ssh

Test1 (config)#username sshuser password 0 sshuserpassword

Test1 (config)#crypto key generate rsa

Test1 (config)#ip ssh version 2

Test1 (config)#line vty 0 4
Test1 (config-line)#login local
Test1 (config-line)#transport input ssh

Test1 (config-line)#exit

ssh: key autorization

Are you tired to enter a password when you log on your server? Or perhaps you're being attacked bruteforce and sshguard and pam_geoip put you broke? Make the authentication key and disable password authentication.

1. On local pc: ssh-keygen -t rsa

2. ssh-copy-id -i ~/.ssh/id_rsa.pub example.com // this comman create ~/.ssh/autorized_keys on remote server

3. On local pc: edit /etc/ssh/ssh_config:

IdentityFile ~/.ssh/identity
IdentityFile ~/.ssh/id_rsa
IdentityFile ~/.ssh/id_dsa

4. On remote pc: edit /etc/ssh/sshd_config

RSAAuthentication yes
PubkeyAuthentication yes

5. On remote pc:

chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys

6. from local pc:

ssh example.com // you must login without password request

ssh brakes

Get rid of the brake when working on ssh:

nano /etc/ssh/sshd_config:
UseDNS no
GSSAPIAuthentication no
GSSAPIKeyExchange no
Compression no

nano /etc/hosts:
127.0.0.1 localhost local.kss45.ru local
127.0.1.1 local.kss45.ru local // add own host ip without Loopback address
ip your_computer_name

nano /etc/resolv.conf:
domain domain.ru // here domain — UTB keyword, such as domain ya.ru, and not ya.ru
search domain.ru //address to which to search for local third-level domains.
nameserver ns1 // dns — server, or enter the ip or in / etc / hosts to register ip — name.
nameserver ns2
nameserver 8.8.8.8

nano /etc/nsswitch.conf:

seek bar:

hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4

bring it to mind:

hosts: files dns mdns4_minimal [NOTFOUND=return] mdns4