Differences between revisions 2 and 3
Revision 2 as of 2009-06-27 20:21:54
Size: 845
Editor: SamatJain
Comment:
Revision 3 as of 2014-11-07 18:54:16
Size: 1151
Editor: SamatJain
Comment: Generate new SSH host key
Deletions are marked like this. Additions are marked like this.
Line 23: Line 23:

== Generate new SSH host key ==

Make sure /etc/ssh/sshd_config contains a path to the host key, e.g.:

{{{
HostKey /etc/ssh/ssh_host_ed25519_key
}}}

Once it's there, create a new host key with:

{{{#!highlight sh numbers=off
sudo ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key
}}}

Copy an SSH public key to a remote machine

This: 

   1 cat ~/.ssh/id_rsa.pub | ssh remoteuser@remotehost 'mkdir .ssh ; shat >> .ssh/authorized_keys'

will copy a public key to a remote machine, but most likely you want to use ssh-copy-id included with recent versions of OpenSSH.

Protect sshd from kernel OOM events

The kernel out-of-memory killer kills processes when a system runs out of RAM. Killing SSH typically does not help fix anything, and makes remotely-accessible systems inaccessible. 

   1 for pid in $(pidof sshd) ; do
   2         echo "disabling oom on pid $pid"
   3   echo -17 | sudo tee /proc/$pid/oom_adj > /dev/null
   4 done

This is done by a few distributions, but when working on an arbitrary remote machine may be useful to run just in case.

Generate new SSH host key

Make sure /etc/ssh/sshd_config contains a path to the host key, e.g.: 

HostKey /etc/ssh/ssh_host_ed25519_key

Once it's there, create a new host key with: 

sudo ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key

CategoryCheatSheet

SamatsWiki: CheatSheet/SSH (last edited 2018-07-22 11:54:14 by SamatJain)