Ubuntu – Activate SSH Server

Once nice thing about Apple products is they work the way you think they should, and…you’re done. Linux is free, and has gotten a lot better–but it doesn’t always work the way it should. Every now and then, it has these…things…that make it really hard to recommend to novice users. Activating SSH services is one of those things, in Ubuntu, that is way harder then it needs to be, for reasons I’m not real clear on.

Err…why? what?

SSH services allow me to remote into my Ubuntu laptop from my ipad–either command line or via secure ftp (sftp). I primarily want to do this to retrieve animated gifs from tty recordings.

And the problem is?

c/o: https://help.ubuntu.com/community/SSH/OpenSSH/Configuring

Ubuntu wants us to install:

$ sudo apt-get install openssh-server
Nothing doing, bub.

Sadly for us, Ubuntu’s client is more recent then the server…and the server needs the client. So, even though the ssh server software probably would work just fine with the ssh client, the Ubuntu package solution says…no way.

Client is 2p4 and the server wants 2p2, so unless you get a 2p2 client or a 2p4 server–that is, unless you get an older client or a newer server, I’m doing nothing.
— apt-get

And the winner is…

Fortunately, with apt-get, we can install just the version we want. We can’t install a new version of the server–the right answer…because we can’t install what’s not there. However, we can install an older version of software…and retrograding the client will help with just that.

$ sudo apt-get install openssh-client=1:7.2p2-4
$ sudo apt-get install openssh-server
$ sudo vi /etc/ssh/sshd_config
$ sudo service ssh restart
# Keysetup
$ mkdir ~/.ssh
$ chmod 700 ~/.ssh
$ cd ~/.ssh
$ ssh-key gen -t rsa - b 4096
$ cat id_rs.pub > authorized_keys

In terms of the changes we make to sshd_config:

#PasswordAuthentication no  #not yet
AllowTcpForwarding no
X11Forwarding no

Bog standard security settings, to the point of…why isn’t that way by default? Anyway…now to test:

shell $ ssh localhost    #to test
ssh   $ exit          #exit back to shell
shell $

Finally, for every computer that I want to access my Ubuntu box–say my ios devices…I use Prompt to generate a new private/public key pairing. I copy the public key, I then log in to my ubuntu laptop, and paste that key into my list of authorized_keys, on a brand new line.

Step 1: Generate a 4096 RSA public/private key pair
Step 2: Copy your public key to your authorized_keys file.  Or, your private key, to another app on your iOS device.

Finally, I update /etc/ssh/sshd_config and turn off password login:

$ sudo vi/etc/ssh/sshd_config
PasswordAuthentication no
$ sudo service ssh restart

That’s it! By using keys with the ssh client app Prompt & the excellent sftp utility FileBrowser, I can now log in, do stuff, and then retrieve what I did via IOS.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s