SSH

Updated Mar 27, 2021

Tasks

  1. Configure SSH keys for password-less login to the SSH process listening on localhost.
  2. Configure SSH such that only mary and root can log in.

Solution

1. Password-less login

Generate an SSH key pair (if not already done)

ssh-keygen -t rsa

Follow the prompts to generate the key pair. This will create ~/.ssh/id_rsa (private key) and ~/.ssh/id_rsa.pub (public key).

Use ssh-copy-id or manually append the public key to the server's authorized_keys file. Assuming SSH is listening on localhost (127.0.0.1):

ssh-copy-id -i ~/.ssh/id_rsa.pub localhost

You can also manually append the content of ~/.ssh/id_rsa.pub to ~/.ssh/authorized_keys on the server.

Next, test SSH login to localhost without a password:

ssh localhost

You should now be logged in without entering a password.
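The manual append described above is where key logins usually break: a key appended twice, or an authorized_keys file left group- or world-writable, which sshd rejects while StrictModes is on. The script below is an added example, not part of the original page; install_pubkey and modes_ok are hypothetical helper names, and the paths passed to them are up to the caller.

```shell
#!/bin/sh
# Added example: manual equivalent of ssh-copy-id for a local account.
# install_pubkey and modes_ok are hypothetical helper names.

# Append a public key to <ssh_dir>/authorized_keys exactly once,
# creating the directory and file with owner-only permissions.
install_pubkey() {
    pub=$1; dir=$2; auth="$dir/authorized_keys"
    [ -s "$pub" ] || { echo "no public key at $pub" >&2; return 1; }
    # Refuse a file that contains a private key header.
    if grep -q 'PRIVATE KEY' "$pub"; then
        echo "$pub is a private key, refusing" >&2; return 1
    fi
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1
    # If the file does not end in a newline, add one so keys never merge.
    [ -z "$(tail -c 1 "$auth")" ] || echo >> "$auth"
    # -x whole line, -F fixed string, -f patterns from file:
    # skip the append when the key is already installed.
    grep -qxFf "$pub" "$auth" || cat "$pub" >> "$auth"
}

# Succeed only if neither path is writable by group or others. This is
# part of what StrictModes (default yes) checks; sshd also checks
# ownership and the home directory itself.
modes_ok() {
    for p in "$1" "$1/authorized_keys"; do
        [ -e "$p" ] || return 1
        [ -z "$(find "$p" -prune \( -perm -020 -o -perm -002 \))" ] || return 1
    done
}
```

For the page's setup the call would be install_pubkey ~/.ssh/id_rsa.pub ~/.ssh followed by modes_ok ~/.ssh.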

2. Only specific users can log in

Edit /etc/ssh/sshd_config:

sudo nano /etc/ssh/sshd_config

Add or modify the AllowUsers directive and specify the users allowed to log in. Once it is set, sshd denies login to every user not listed.

AllowUsers mary root

Apply the changes by restarting the SSH service:

sudo systemctl restart sshd