Future-proof your tech-skills with Linux, Python, vim & git as I share
with you the most timeless and love-worthy tools in tech and on staying
valuable while machines learn... and beyond.
Removing Password Authentication from SSH Services
by Mike Levin
Monday, July 25, 2022
- Get a new LXD container that doesn’t trigger the warning.
- Don’t forget to use NAT networking mode.
- Add port 2222 to port 22 NAT map.
- Login locally to give ubuntu user a password and add openssh-server service.
- Ensure that you can login using the ssh program (re-figure-out IP?)
- Get rid of the password challenge.
- Move keys over to get rid of passwords.
- Get keys in place to git clone from github without challenge.
Eliminating Password From OpenSSH on NAS Linux Container
Create new keys? They’re auto-generated in /etc/ssh/ but just in case:
ssh-keygen -t rsa -C "email@example.com"
Do we need to turn off the ability to challenge passwords? I so:
- sudo vim /etc/ssh/sshd_config
- PasswordAuthentication no
- ChallengeResponseAuthentication no
What I’m sure I do need is a list of authorized keys. If only one then it’s the
same as the actual public key being used. One public key, one line.
Much of this video went into creating the ~/data shared folder. Now all
locations have the same 3 folders:
That’s a good setup for the videos to come!
systemd-way to restart a service:
sudo systemctl restart ssh
It wasn’t even necessary. But it was very necessary to chmod the files
And so on.