1. What to do:
SSH (Secure Shell):
ssh user@hostname requires typing password each time which can be annoying. Using SSH Key-Based Authentication is an alternative.
Generate a key pair:
In you local computer(Mac/Linux), generate a key pair
you will see:
Generating public/private rsa key pair. Enter file in which to save the key (/home/username/.ssh/id_rsa):
You can save to another directory if you know what you are doing. It will then generate a
id_rsa.pub, the private and public key pair.
It then will prompt options for you to configure, won’t go wrong, but you would better leave the
pass-phase blank, otherwise you will have to type extra password to using this key pair for ssh authentication.
2. Copy the public key to your remote server:
id_rsa.pub to the server.
This will copy the contents of
id_rsa.pub into a file called
.ssh/authorized_keys in the remote user’s home directory.
If you don’t have
ssh-copy-id in you local, you can simple copy it manually by
scp ~/.ssh/id_rsa.pub user@remote_host:~/.ssh/authorized_keys
3. Set config for sshing to the remote server:
Then you will be able to ssh to remote host by:
ssh -i ~/.ssh/id_rsa user@remote_host
to make it even more simpler:
Add these lines to it:
Then you can just do
4. Reverse Tunnel:
SSH from remote server to a router nested host (your local)
Option1: setup port forwarding in the local host, say configure router’s port 3000 to map to local host’s port 22.
Option2: open a live connection from the firewall nested host
target-nested-host$ ssh -f -N -T -R22222:localhost:22 my-server-host
Then, you should be able to ssh into a public server host:
operational-host$ ssh my-server-host
Then in the remote shell:
my-server-host$ ssh -i key_to_target_host -p 22222 localhost
Use case; I have a remote server and a linux box that connected to a router, I want someone else to connect to the box via ssh, and due to my complex router-network setup, this is actually the simplest solution.