Enable the ssh service on ubuntu and build an ssh-based git Server

Source: Internet
Author: User
Tags ssh server asymmetric encryption

The definition of SSH on Wikipedia is as follows:

Secure Shell (SSH) is developed by the Network Working Group of IETF. SSH is a security protocol built on the application layer and transport layer, provides a secure transmission and use environment for the Shell layer on the computer.Install the ssh server and install openssh-server $ sudo apt-get install openssh-server

After the installation is successful, run the following command to ensure that the server has been started

$ Sudo start ssh

If the following result is displayed, it indicates that the operation has started.

Start: Job is already running: ssh

After openssh-server is installed, you can use the existing user name and password on the server to log on to the server through ssh.

For example, if the server has a user named lyndon, you can use the following command to log on to the server.

$ Ssh lyndon@192.168.111.111.

However, to support multiple users, you must add other users.

Add User

For more information, see Add a user.

Sudo useradd myuser Without a home directory
Sudo useradd-m myuser With home directory
Sudo passwd myuser Then set the password
Sudo usermod-s/bin/bash myuser Then set the shell
SSH keys Logon SSH keys allow authentication between two hosts without the need of a password. SSH key authentication uses two keys a private key and a public key.

The definition shows that the SSH kyes authentication uses asymmetric encryption technology.

Unlike symmetric encryption algorithms, asymmetric encryption algorithms require two keys: public key and private key ). A public key is a pair of private keys. If a public key is used to encrypt data, only the corresponding private key can be used to decrypt the data, and vice versa.Because encryption and confidentiality use two different keys, this algorithm is called asymmetric encryption algorithm.

The basic process for asymmetric encryption algorithms to exchange confidential information is:

Party A generates a pair of keys and uses one of them as a shared key to make public to other parties. Party B uses this key to encrypt the confidential information and then sends it to Party A for further storage. A private key is used to decrypt the encrypted information.

Party A can only use its private key to decrypt the Information encrypted by its shared key

Use ssh-keygen to generate a key

Generate a key using DSA

The generated key is stored in ~ by default ~ /. Ssh/directory

Where the public key is ~ /. Ssh/id_dsa.pub, private key is ~ /. Ssh/id_dsa

Send a public key $ ssh-copy-id username @ remotehost to Party B

The public key sent to Party B will be stored in the. ssh/authorized_keys file of Party B.

Therefore, to ensure security, we need to modify the permissions.

$ Sudo chmod 600. ssh/authorized_keys install git $ sudo apt-get install git initialize repository $ git init -- bare ~ /Public/lyndonrepo. git

The git remote repository has been created on the server.

Clone Repository

Return to the client and run the following command to clone the repository.

$ Git clone username @ remotehost :~ /Public/lyndonrepo. git myrepo

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.