From 93045830d9f8e77d92f26d023e8feb6902c2d08a Mon Sep 17 00:00:00 2001 From: JMARyA Date: Mon, 26 Aug 2024 14:05:40 +0200 Subject: [PATCH] update ssh --- technology/applications/network/SSH.md | 30 +++++++++++++++++++++++++- 1 file changed, 29 insertions(+), 1 deletion(-) diff --git a/technology/applications/network/SSH.md b/technology/applications/network/SSH.md index 3e8db8f..2cbd848 100644 --- a/technology/applications/network/SSH.md +++ b/technology/applications/network/SSH.md @@ -4,7 +4,9 @@ aliases: website: https://www.openssh.com/ obj: application repo: https://github.com/openssh/openssh-portable +rev: 2024-08-26 --- + # SSH Secure Shell (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. Typical applications include remote command-line login and remote command execution, but any network service can be secured with SSH. 
@@ -161,4 +163,30 @@ User-based settings (everything here only applies to `user1`): Match User user1 PasswordAuthentication no AllowTcpForwarding yes -``` \ No newline at end of file +``` + +#### `authorized_keys` +The `~/.ssh/authorized_keys` file is used to enable passwordless authentication using SSH keys. You can specify multiple allowed SSH keys one per line. The syntax is: +``` +[options] key_type key [user@host] +``` + +Example: +``` +ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA7V4+1E... +``` + +Common Options: +- `command="command_to_run"`: Restricts the key to only execute a specific command. The SSH session will automatically execute this command upon login, and the user won't get an interactive shell. +- `from="hostname_or_ip_address"`: Limits the use of the key to a specific hostname or IP address, or a range of addresses. +- `no-port-forwarding`: Disables port forwarding for the key. +- `no-agent-forwarding`: Disables SSH agent forwarding for the key. +- `no-X11-forwarding`: Disables X11 forwarding for the key. +- `no-pty`: Disables the allocation of a pseudo-terminal for the key. This means the user won't get an interactive shell session. +- `permitopen="host:port"`: Restricts port forwarding to a specific host and port. +- `environment="VAR=value"`: Sets environment variables for the session when the key is used to log in. + +Options are comma-seperated if you want to specify multiple. + +#### `.ssh/rc` +The `~/.ssh/rc` file is a script that can be executed automatically whenever an SSH session is established. This can be configured globally with `/etc/ssh/sshrc`.
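Review bot: In the new `authorized_keys` option list, the `no-pty` bullet says the user "won't get an interactive shell session", which overstates what the option does: `no-pty` only prevents pseudo-terminal allocation, and a shell or command can still run without a tty. Suggest rewording it to say that only tty allocation is refused, and pointing readers to `command=` when the goal is to deny a shell. On the `environment="VAR=value"` bullet, it is worth adding that sshd honours this option only when `PermitUserEnvironment` is enabled in `sshd_config`, otherwise readers will set it and see no effect. The example line has no options, so it does not illustrate the `[options]` field of the syntax above it or the comma-separated form mentioned below; an example carrying two options would cover both. Spelling: "comma-seperated" should be "comma-separated".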