= OpenSSH = '''OpenSSH''' is a [[Encryption/SSH|SSH]] client (`ssh(1)`) and server (`sshd(8)`). <> ---- == Installation == Most [[Linux]] and [[BSD]] distributions will have `ssh(1)` and `sshd(8)` installed. Otherwise, they will be available in an `openssl` package. Furthermore, many Linux distributions have `sshd(8)` running by default. For `systemd(1)`-capable systems, [[Linux/Systemd|start and enable]] `sshd.service`. For OpenRC-based systems, [[Linux/OpenRC|start and add]] the `sshd` service. For BSDs, [[BSD/Init|start]] the `sshd` service. To have it automatically start on boot, try editing `/etc/rc.conf` like: {{{ sshd_enable="YES" }}} [[Windows]] systems preferring access by [[Protocols/RDP|RDP]]. ---- == Setup == === Require Authentication by Key === To require that all client logins use keys, use: {{{ PubkeyAuthentication yes AuthorizedKeysFile .ssh/authorized_keys PasswordAuthentication no }}} To make an exception for a user, add '''''at the bottom of the file''''': {{{ Match User git PasswordAuthentication yes Match all }}} To make an exception for the local network, add ('''''also'' at the bottom of the file'''): {{{ Match Address 192.168.*.* PasswordAuthentication yes Match all }}} === Login Messages === Usually any messages printed on login are actually handled by PAM. This can be tricky to configure, so instead disable the default login messages and configure the shell profile to print the desired messages. To disable all PAM login messages for a user, try: {{{ touch ~/.hushlogin }}} Note that default PAM configurations print `/etc/motd` and the output of `/usr/bin/lastlog --user USERNAME` on login. ---- == Usage == The primary use of `ssh(1)` is to access a remote host: {{{ ssh username@example.com }}} See [[Encryption/OpenSSH/Tunnels|here]] for details on creating and using SSH tunnels. ---- == See also == [[https://man.archlinux.org/man/core/openssh/ssh.1.en|ssh(1)]] [[https://man.archlinux.org/man/core/openssh/sshd.8.en|sshd(8)]] [[Encryption/SSHKeyGen|SSHKeyGen]] [[Encryption/SSH|SSH]] ---- CategoryRicottone