Difference between revisions of "Ubuntu Info"

From TheBestLinux.com
Jump to navigation Jump to search
Line 78: Line 78:
  
 
Using your mouse, drag it over the entire key to highlight it so you can then copy it to paste it to the /home/david/.ssh/authorized_keys file on the target node machine.
 
Using your mouse, drag it over the entire key to highlight it so you can then copy it to paste it to the /home/david/.ssh/authorized_keys file on the target node machine.
 +
<br />
 +
MAKE SURE you ONLY select and highlight the part from "ssh-rsa" through "david@ns1.dawgland.com", substituting your actual information.
 
<br /><br />
 
<br /><br />
  

Revision as of 23:48, 29 January 2023

Ubuntu Linux - One of the Most Popular Distributions of Linux!

Ubuntu Linux is a very popular distribution of Linux, especially among new users and hobbyists. It is comes in two basic editions, the desktop edition and the server version.

As the default Ubuntu download servers are usually very busy, I have found this URL to be pretty fast most of the time:

http://mirror.it.ubc.ca/ubuntu-releases/



Ubuntu is based on the Debian distribution, one of the oldest distros, originally based on BSD UNIX and it's packages are managed using the same Debian tools apt, though the other Debian package manager, dkkg, can also be used.

SSH Passwordless Login Setup - Connect to a Linux server using secure shell keys instead of using a name and password, which is MUCH more secure!

Here is an example of how to setup SSH key login from one Linux machine to another, using only Secure Shell keys instead of name and password, making a much more secure login method, beside being much faster and more efficient, not to mention allowing for much more complex scripting and other types of automation.

In this example, I will use two Linux machines, named "ns1" and "ubunsrv1". Their fully qualified domain names(FQDN) are ns1.dawgland.com and ubunsrv1.dwagland.com. Although ns1.dawgland.com is my home network domanin name server(DNS) running Rocky Linux(Based on Red Hat Enterprise Linux source code), it is irrelevant in this example, as the target machine, ubunsrv1.dawgland.com, is running the current long term stable release of Ubuntu Server.

To start with, while logged into the main server, ns1, create the user's SSH keys, if not already done. Here is an example of how to create those keys as user "david" on the ns1.dawgland.com machine. Note that I used the "G" switch to add the user "david" to the "wheel" group, the adminstrator group/sudoer group on Red Hat based systems. On Ubuntu, substitute the "sudo" group instead of the "wheel" group to be able to run commands using sudo:

[jamie@ns1.dawgland.com:~]$ sudo useradd -c "David J. Anderson" -G wheel -m -s /bin/bash david



Then, set the password for the new user "david":

[jamie@ns1.dawgland.com:~]$ sudo passwd david



Now that the new user "david" has been created, you need to become that user. Since you are already logged in as your normal user, to become the "david" user, or whatever username you are going with, type this command to become that user:

[jamie@ns1.dawgland.com:~]$ su - david
Password: 
Last login: Sun Jan 29 14:11:38 PST 2023 on pts/1
[david@ns1.dawgland.com:~]$



Next, create new SSH keys for the new "david" user, as "david". Just hit the "ENTER" key when it prompts you for file to save the keys as, as well as for password, so that you can login with ssh keys from scripts without having to enter passwords.
I like to be more explicit and specify ssh key type(RSA) and key length(4096-bits instead of the default 2048-bits):

[david@ns1.dawgland.com:~]$ ssh-keygen -t rsa -b 4096
Generating public/private rsa key pair.
Enter file in which to save the key (/home/david/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/david/.ssh/id_rsa.
Your public key has been saved in /home/david/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:c7vp3Y0qlDSHZ4WgB/Ae45qZEeXBNQ/v52tmhwjEmL0 david@ns1.dawgland.com
The key's randomart image is:
+---[RSA 4096]----+
|      .o+.=. .   |
|       +.+ =. .  |
|      . *=..o.   |
|       +o+B.+    |
|      . So.B. .  |
|       * oE. o   |
|      =  ... ... |
|          .+..=+.|
|         .+.o=+..|
+----[SHA256]-----+
[david@ns1.dawgland.com:~]$



Now, spit out your public key to the screen using the "cat" command, so that you can highlight it, to copy and paste it to the target node machine:

[david@ns1.dawgland.com:~]$ cat ./.ssh/id_rsa.pub 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCnasRlwErAnXuYnQMT+VckQYPGWtHl3GPDhOiazeZWtAQbtRfuYN7rCSOB62QRv9CXxuDHy4CrYFeca2ZGolOnLxBzjr9NAOfzW7hkylp7DzdNjVL8awFb8F8BX5bIEmWy+hLbWzycMlNxRR+KHSnzB8AN1HObfvXk2eSvMrpOtu9eixajaPGWCwE4GtFX3dTnJsoKlWGyvhRvl5qWlprpQveAyByp1jtuBBGNqpnVG0Lkc1cioBNMQFFEAJ3axRLUKpynpSad5rJHmzyF56uQdFUtEnssVpw0xR3qP8ksvlwD0klZbvrFIPgu47c7NH7wfBE7C9GrcxpUMsOt5RkyOOoBOv1/COzn0zubQkLgJofPOIhwYJtCGRdhje/dVbzCkGRmvjD6kZxxiIm7O7iPwOVatwM6OGbA2A/kbxn4MR0X9BKMDLyKFh+XbrnNs+qNIQx5N3dWYUpQfTyQstF7hVkpRQVSn05Iv5AcdgfH4MBMacpK/OjtyvumEYMZGT2t+KPOyHlDs6xkp3zCO9FiAn3cLunA2ooKNIPmEOh4oAzgYeXcTIx/xgPwuTaOyhWUb96DUqGaxq798TuG/Lk33W/YIDd9Ot9fOBatmirhKYphozx939DHOoWMIguyL1eV/kPkNmEqfVzHWSQw4MKfOQKk1SNKMlkVQWpTFtzFiQ== david@ns1.dawgland.com
[david@ns1.dawgland.com:~]$



Using your mouse, drag it over the entire key to highlight it so you can then copy it to paste it to the /home/david/.ssh/authorized_keys file on the target node machine.
MAKE SURE you ONLY select and highlight the part from "ssh-rsa" through "david@ns1.dawgland.com", substituting your actual information.

Now, on the 2nd machine, that you want the new user, in our example, david, to be able to log into without a password, using only their secure shell(SSH) keys, repeat the exact same command as you did on the first main machine to create the "david" user, or whatever name you are going with, and then, create their SSH configuration directory in their user home dirctory, in our example, /home/david/.ssh/.

To do so, after creating the user account as you did on the first machine, type this command to create the .ssh directory in the user's home directory:

jamie@ubunsrv1:~$ sudo mkdir -p /home/david/.ssh



Next, make the user the owner of this new directory:

jamie@ubunsrv1:~$ sudo chown david:david /home/david/.ssh



Create the new /home/david/.ssh/authorized_keys file so that you can paste the contents of the clipboard containing the previously created ssh key:

sudo vi /home/david/.ssh/authorized_keys
<br /><br />
It will open up in the "VI" editor, so first thing is to get into "insert" mode within "vi".  Just tap the "I" key, lower case, and it will get you into "insert" mode.  Then, paste the key into this file.  Then, hit the "ESCAPE" key on your keyboard to exit "insert" mode, and they, tap the colon(:) to enter a command, and at the : prompt, type the lower-case x key and hit enter, as seen here:
<pre style="color:blue">
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCnasRlwErAnXuYnQMT+VckQYPGWtHl3GPDhOiazeZWtAQbtRfuYN7rCSOB62QRv9CXxuDHy4CrYFeca2ZGolOnLxBzjr9NAOfzW7hkylp7DzdNjVL8awFb8F8BX5bIEmWy+hLbWzycMlNxRR+KHSnzB8AN1HObfvXk2eSvMrpOtu9eixajaPGWCwE4GtFX3dTnJsoKlWGyvhRvl5qWlprpQveAyByp1jtuBBGNqpnVG0Lkc1cioBNMQFFEAJ3axRLUKpynpSad5rJHmzyF56uQdFUtEnssVpw0xR3qP8ksvlwD0klZbvrFIPgu47c7NH7wfBE7C9GrcxpUMsOt5RkyOOoBOv1/COzn0zubQkLgJofPOIhwYJtCGRdhje/dVbzCkGRmvjD6kZxxiIm7O7iPwOVatwM6OGbA2A/kbxn4MR0X9BKMDLyKFh+XbrnNs+qNIQx5N3dWYUpQfTyQstF7hVkpRQVSn05Iv5AcdgfH4MBMacpK/OjtyvumEYMZGT2t+KPOyHlDs6xkp3zCO9FiAn3cLunA2ooKNIPmEOh4oAzgYeXcTIx/xgPwuTaOyhWUb96DUqGaxq798TuG/Lk33W/YIDd9Ot9fOBatmirhKYphozx939DHOoWMIguyL1eV/kPkNmEqfVzHWSQw4MKfOQKk1SNKMlkVQWpTFtzFiQ== david@ns1.dawgland.com
~                                                                               
~                                                                               
~                                                                               
~                                                                               
~                                                                               
~                                                                               
~                                                                               
~                                                                               
~                                                                               
~                                                                               
~                                                                               
~                                                                               
~                                                                               
~                                                                               
~                                                                               
~                                                                               
~                                                                               
~                                                                               
~                                                                               
~                                                                               
~                                                                               
:x



Now, make the new user, in our example, david, the owner of the new /home/david/.ssh/authorized_keys file using this command:

sudo chown david:david /home/david/.ssh/authorized_keys



And that is all there is to it. Try to use ssh to log into the new server from the main server as the new user, like this:

[david@ns1.dawgland.com:~]$ ssh 192.168.200.246
Welcome to Ubuntu 22.04.1 LTS (GNU/Linux 5.15.0-58-generic x86_64)



If you get the "Welcome to Ubuntu message" without being prompted for a password, you have successfully setup ssh login! Congratulations!