OpenSSH/Config

From Ever changing code
< OpenSSH
Revision as of 11:36, 1 November 2021 by Pio2pio (talk | contribs)
Jump to navigation Jump to search

generate ssh key

ssh-keygen -t ecdsa -b 521 # -> ~/.ssh/id_ecdsa and ~/.ssh/id_ecdsa.pub
# -t </path/mykey>

authorized_keys

Below the restrict option is a future proof (according to the documentation) method to disable additional features like port forwarding, pty allocation, etc., stopping any attackers from using the key for pivoting or any other malicious activity. The command option forces the command given to be run when this key is used, stopping an attacker from gaining command execution on the machine. 

vi ~/.ssh/authorized_keys
command="/usr/local/bin/honeykey admin@honeypot",restrict ssh-rsa AAAAB3Nz******6iakD admin@honeypot

Resources

Retrieved from ‘http://wiki.ciscolinux.co.uk/index.php?title=OpenSSH/Config&oldid=6634