As we recently changed to Ubuntu Mate 15.10 on one of our laptops we had to set up a new SSH config as Putty isn’t the best way to use SSH Linux from our point of view. Writing the address all the time you access a server can be tedious. And If you’re in the same situation as we are, where you have different servers, with different passwords and keys to remember – then configuring your SSH with aliases is the proper way to go. It’s a much more elegant solution than having to remember everything all the time.

To accomplish this we have to set up a config file in /.ssh of your user, we also have to store the keys in some directory and finally put it all together. In this guide we will use “testuser” as the user, and setup server1 & 2.

  1. install SSH
    $~: sudo apt-get update && sudo apt-get install openssh-server
  2. generate a new stronger key
    $~: cd /home/testuser
    $~: sudo ssh-keygen -b 521 -t ed25519

    Save the key to /home/testuser/.ssh/id_rsa
    If it asks you to overwrite existing key, answer “yes”.

    Save the key with or without passphrase, we prefer without because a 4096 bit key is strong as it is, and as we do daily backups we can’t use a passphrase. But, this is totally up to you, depending on what you prefer.

    Enter passphrase (empty for no passphrase): [PRESS ENTER]
    Enter same passphrase again: [PRESS ENTER]
  3. create the keys dir
    $~: sudo mkdir /home/testuser/.ssh/keys

    In our setup we have one folder for each server, but you could just store all the keys in one folder, it makes no difference.

  4. Generate new keys for each server you want to connect to

    Same thing here – no passphrase.

    Enter passphrase (empty for no passphrase): [PRESS ENTER]
    Enter same passphrase again: [PRESS ENTER]

    Server 1

    $~: sudo ssh-keygen -b 521 -t ed25519 -C "server1"

    Change the location of where the key is saved

    Enter file in which to save the key (/Users/you/.ssh/id_rsa): /home/testuser/.ssh/keys/server1

    Server 2

    $~: sudo ssh-keygen -b 521 -t ed25519 -C "server2"

    Change the location of where the key is saved

    Enter file in which to save the key (/Users/you/.ssh/id_rsa): /home/testuser/.ssh/keys/server2
  5. check that the keys where generated
    $~: ll /home/testuser/.ssh/keys

    If everything went fine, you should have 2 sets of keys in your keys dir

    -rw------- 1 root root 3243 okt 15 18:27 server1
    -rw------- 1 root root 734 okt 15 18:27
    -rw------- 1 root root 3243 okt 15 18:28 server2
    -rw------- 1 root root 734 okt 15 18:28
  6. Create a config file for the ssh hosts
    $~: sudo nano /home/testuser/.ssh/config
  7. Edit the config file

    # Name
    Host =                 The name you use as alias
    Hostname =     The host you connect to
    User =                  User on remote server
    IdentityFile =   Where you store your keys on the local machine

    # server1
     Host server1
     User user1 
     IdentityFile /home/testuser/.ssh/keys/server1
    # server2
     Host server2 
     User user2 
     IdentityFile /home/testuser/.ssh/keys/server2
  8. Change permissions of the keys dir
    $~: sudo chmod -R 600 /home/testuser/.ssh/keys/
  9. Connect to the remote server

    Now you’re all set to connect to the remote server, but as we have done the setup with keys, there are just a few more things we have to configure on the remote server. But for now, at least the aliases should work. To login you simply just type

    $~: ssh server1

    As the keys won’t be accepted by the remote server yet, you will have to type your password the first time. Once you’ve checked that it works, we now have to copy the key from the local server to the remote server. You could use ssh-copy, but we prefer to do it manually.

  10. Exit the remote server
    $~: exit
    $~: cat /testuser/.ssh/keys/

    Depending on if you ‘re using Putty or not, there are different ways of copying. In Putty you just mark the text. In my system CTRL+C works.

    The key looks like this

    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDmDrYM9SAbIxJTh06CUpdVZrVRct8H3FbuGlM8NlPAUxG6Dof/fVmwjBI0cuE++ehDdqa1qH6lyKdzBN6IjtSSUAQ9bphyBAfdTOritXdakjvwyvquwyqgpuwblcyrgoqrbvliwcwicuwiufbiOhP8USN2p9kRg22KH+F2G18AmcrW7cVbJj4f88S8DVXh0gC0zW2aPTYfKLWppmkY2fw8KnuIOUpVHwAkv+J5eaN4IsvCfTe/+H1CJFQdu70fX6F2wKo/4ziN3xCBlwpqNDiH6wKhbzd4sw== testuser
  12. Connect to your remote server
    $~: ssh server1

    Depending on your SSH setup the directory could be different. The easiest is to store them in root, and then the folder path would be like this:

    $~: vi /user-on-server1/.ssh/authorized_keys

    Paste the content from step 11 to server1 authorized_keys. To insert, press [SHIFT+i]

  14. Exit remote server and test you new config
    $~: exit
  15. TEST SSH IN TO server1 FROM THE local server WITH
    $~: ssh server1

    If this works without having to enter a password you can go ahead with next step, if it doesn’t work – fix the issue first. Next step will lock you out of your system if the key is wrong.

    $~: vi/etc/ssh/sshd_config

    Don’t allow passwords, look for this row.

    # Change to no to disable tunnelled clear text passwords
    PasswordAuthentication no

    This will disallow to login with password, and only accept keys for better security.

  16. save and exit

    Repeat step 9 – 17 for server 2.

 Pro tip

Check out the pre-configured ownCloud VM. Just download and mount. Voila, you have your own cloud server.