SSH

SSH Keys

sshd_config

Append these lines to /etc/ssh/sshd_config on all servers:

Port 8649
PermitUserEnvironment=yes

Restart SSHD on FreeBSD:

sudo service sshd restart

Restart SSHD on Mac:

sudo launchctl unload /Library/LaunchDaemons/sshd.plist
sudo launchctl load -w /Library/LaunchDaemons/sshd.plist

Generate Keys

Open Terminal and enter the following:

ssh-keygen -t rsa

To add keys to root you must repeat the process while logged in as root.

You will see these messages. Press Enter without entering anything for all prompts:

Generating public/private rsa key pair.
Enter file in which to save the key (/home/cantin/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/cantin/.ssh/id_rsa.
Your public key has been saved in /home/cantin/.ssh/id_rsa.pub.

To view or copy your public key (which can be copied into the SSH Keys of Google Cloud and all servers running SSH), use the following command while logged in as the user (owner) of the keys:

cat ~/.ssh/id_rsa.pub

To add keys to other servers, ssh to the server and add the public key to ~/.ssh/authorized_keys:

pico ~/.ssh/authorized_keys

If the authorized_keys file doesn’t exist, create it:

touch ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
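
The manual steps above (create authorized_keys, set its mode, paste in the public key) written as one repeatable function. This is an added example, not part of v-util.sh or the original page; the function names `add_authorized_key` and `file_mode` are hypothetical.

```shell
#!/bin/sh
# Added example (not from v-util.sh): install one public key line into
# authorized_keys idempotently, with the modes sshd expects.

# Octal mode of a path: GNU stat first, then BSD/macOS stat.
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# add_authorized_key "<public key line>" [ssh_dir]   (ssh_dir defaults to ~/.ssh)
add_authorized_key() {
    key=$1
    ssh_dir=${2:-"$HOME/.ssh"}
    auth="$ssh_dir/authorized_keys"

    # Refuse private key material and multi-line input.
    case $key in
        *"PRIVATE KEY"*) echo "refusing: private key material" >&2; return 2 ;;
        *"
"*) echo "refusing: more than one line" >&2; return 2 ;;
    esac

    # A public key line is "<type> <base64 blob> [comment]".
    ktype=${key%% *}; rest=${key#* }; blob=${rest%% *}
    case $ktype in
        ssh-rsa|ssh-ed25519|ecdsa-sha2-nistp*) ;;
        *) echo "refusing: unknown key type" >&2; return 2 ;;
    esac
    case $blob in
        ""|*[!A-Za-z0-9+/=]*) echo "refusing: malformed key blob" >&2; return 2 ;;
    esac

    # Create what is missing with a tight umask, then correct existing modes.
    ( umask 077; mkdir -p "$ssh_dir" && touch "$auth" ) || return 1
    chmod 700 "$ssh_dir" && chmod 600 "$auth" || return 1

    # Already present? Compare type and blob only, so a different comment
    # on the same key does not add a duplicate entry.
    if awk -v t="$ktype" -v b="$blob" \
        '{ for (i = 1; i < NF; i++) if ($i == t && $(i+1) == b) f = 1 }
         END { exit !f }' "$auth"; then
        return 0
    fi

    # If the file lacks a final newline, add one so entries do not merge.
    [ -s "$auth" ] && [ -n "$(tail -c 1 "$auth")" ] && printf '\n' >> "$auth"
    printf '%s\n' "$key" >> "$auth"
}
```

Call it on the destination server as `add_authorized_key "$(cat id_rsa.pub)"` after copying the .pub file over; running it again with the same key changes nothing.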

SSH Permissions

Fix permissions on .ssh folder:

v-util.sh fixpermissions

SSH Utility Options

SSH Utilities are available in v-util.sh script.

ssh-port

Set SSH port number for the client connecting to other servers.

v-util.sh ssh-port {port-number}

VNiX network uses port 8649

ssh-copy-id

v-util.sh ssh-copy-id {server}

You must log in to the other server to allow the SSH keys to be transferred to the authorized_keys list of the other {server}.

Google Cloud SSH Keys

Copy between Google Servers

Create SSH keys for the VM if you haven’t already done so:

ssh-keygen -t rsa

Copy the ~/.ssh/id_rsa.pub text into the metadata under compute engine

Google Cloud Metadata - SSH Keys

Add key
Paste the contents of id_rsa.pub into the field
Save

Example of the proper way to sync with root permissions and capture all file/directory permissions from source to destination:

rsync -axv -e 'ssh -i /home/vnyx/.ssh/id_rsa -l vnyx' --rsync-path='sudo rsync' mayavilla.srv.vnix.net:/var/www/html/ /var/www/mayavilla.com/html/

Resources