Once nice thing about Apple products is they work the way you think they should, and…you’re done. Linux is free, and has gotten a lot better–but it doesn’t always work the way it should. Every now and then, it has these…things…that make it really hard to recommend to novice users. Activating SSH services is one of those things, in Ubuntu, that is way harder then it needs to be, for reasons I’m not real clear on.
SSH services allow me to remote into my Ubuntu laptop from my ipad–either command line or via secure ftp (sftp). I primarily want to do this to retrieve animated gifs from tty recordings.
And the problem is?
Ubuntu wants us to install:
$ sudo apt-get install openssh-server
Sadly for us, Ubuntu’s client is more recent then the server…and the server needs the client. So, even though the ssh server software probably would work just fine with the ssh client, the Ubuntu package solution says…no way.
Client is 2p4 and the server wants 2p2, so unless you get a 2p2 client or a 2p4 server–that is, unless you get an older client or a newer server, I’m doing nothing.
And the winner is…
Fortunately, with apt-get, we can install just the version we want. We can’t install a new version of the server–the right answer…because we can’t install what’s not there. However, we can install an older version of software…and retrograding the client will help with just that.
#Installs $ sudo apt-get install openssh-client=1:7.2p2-4 $ sudo apt-get install openssh-server $ sudo vi /etc/ssh/sshd_config $ sudo service ssh restart # # Keysetup $ mkdir ~/.ssh $ chmod 700 ~/.ssh $ cd ~/.ssh $ ssh-key gen -t rsa - b 4096 $ cat id_rs.pub > authorized_keys
In terms of the changes we make to sshd_config:
#PasswordAuthentication no #not yet AllowTcpForwarding no X11Forwarding no
Bog standard security settings, to the point of…why isn’t that way by default? Anyway…now to test:
shell $ ssh localhost #to test ssh $ exit #exit back to shell shell $
Finally, for every computer that I want to access my Ubuntu box–say my ios devices…I use Prompt to generate a new private/public key pairing. I copy the public key, I then log in to my ubuntu laptop, and paste that key into my list of authorized_keys, on a brand new line.
Finally, I update /etc/ssh/sshd_config and turn off password login:
$ sudo vi/etc/ssh/sshd_config ... PasswordAuthentication no ... $ sudo service ssh restart
That’s it! By using keys with the ssh client app Prompt & the excellent sftp utility FileBrowser, I can now log in, do stuff, and then retrieve what I did via IOS.