SSH

Connect using private key

Add google auth to SSH

SSH tunnel RDP

SSH login insults

SSH socks proxy

Login using ssh key

#make this directory if needed, set permissions and generate keys

mkdir -p ~/.ssh

chmod 700 ~/.ssh

ssh-keygen -t rsa

#copy your public key to the server your trying to connect too

ssh-copy-id -i ~/.ssh/id_rsa.pub user@server

# Or copy manually by pasting the key into the authorized key file on the remote server

sudo nano ~/.ssh/authorized_keys

#optional you can disable password logins

sudo nano /etc/ssh/sshd_config

PasswordAuthentication no

PubkeyAuthentication yes

sudo systemctl restart sshd

------------

Connect using private key

the private key would need to be distributed(this can be quick to setup but is not recommended as you should never really distribute a servers private key!)

copy the public key on the remote server into the authorized into its own authorized key file, then connect to that server using the private key

#random notes

cd ~/.ssh/

/home/donald/.ssh

ssh -i fplabs test.fullproxylabs.com

sudo chmod 600 key

sudo chmod 644 key.pub

sudo nano /etc/ssh/sshd_config

PasswordAuthentication no

PubkeyAuthentication yes

sudo systemctl restart sshd

Ref; https://upcloud.com/community/tutorials/use-ssh-keys-authentication/

Add google auth to SSH

sudo apt-get update

sudo apt-get install libpam-google-authenticator

#To run the initialization app, log in as the user you’ll be #logging in with remotely and enter the following command:

google-authenticator

sudo nano /etc/pam.d/sshd

#add this line

auth required pam_google_authenticator.so

sudo nano /etc/ssh/sshd_config

#Locate the ChallengeResponseAuthentication line, and #change its value to ‘yes’.

# Change to yes to enable challenge-response passwords

(beware issues with # some PAM modules and threads)

ChallengeResponseAuthentication yes

service ssh restart

# ref https://blog.devolutions.net/2017/5/how-to-secure-ssh-with-google-two-factor-authentication

SSH tunnel RDP

ssh -L 3389:192.168.100.126:3389 ddr.office-on-the.net -p 4022 -g 1280x1024 (RDP through SSH tunnel setting screen size and SSH port )

SSH login insults

#edit the sudo file

sudo nano /etc/sudoers

#add this and save

Defaults insults

#example

tester@ns1:/home$ sudo mkdir test

[sudo] password for tester:

I've seen penguins that can type better than that.

[sudo] password for tester:

SSH socks proxy

ssh -D 8888 bob@ssh.yourhome.com

set you browser to use 127.0.0.1 port 8888 as a proxy