Locking Down SSH User Access
To secure your system, you shouldn’t allow root to log in remotely. Instead, an admin who needs to use the root account should log in using their own account and then su - or sudo to the root account as needed.
Edit the /etc/ssh/sshd_config file and change the following lines:
PermitRootLogin no
PermitEmptyPasswords no
Some of these properties may be commented out in the file, so all you’d need to do is remove the # sign.
SSH Escape Sequences
Have you ever had an SSH connection time out on you, leaving you with what looks like a locked session? Repeatedly hitting the Enter key does nothing. It seems that there is nothing that you can do except close the console terminal session… or is there something else?
Many people are not aware that SSH has its own set of keyboard shortcuts. The solution to the above problem is to terminate the connection using the first of these shortcuts.
Bind to a Remote Port Using SSH
If you are trying to access the web page of an application running on a remote machine and you find that you are blocked, you can bind to it using SSH with similar parameters to this:
$ ssh pi@raspberrypi.local -L 8384:127.0.0.1:8384 -N
Where:
- pi@raspberrypi.local is the remote server,
- 8384 is the port number on the remote that you wish to connect with,
- 127.0.0.1:8384 is the local machine and the port that you want to redirect to, and
- -N is a flag telling ssh not to execute a remote command.
Diff 2 Folders Over SSH
If you need to do a ‘diff’ on 2 folders and one of them is remote then you can accomplish that as follows:
$ diff <(ssh username@192.168.1.60 ls -R /home/username/dir1) <(ls -R /home/username/dir2)
Creating Passwordless SSH Keys
Create the key. Note that those are two single quotes after the -N (for a blank passphrase):
$ ssh-keygen -t rsa -b 4096 -N ''
Copy it to the target server:
$ cat .ssh/id_rsa.pub | ssh username@192.168.1.123 'cat >> .ssh/authorized_keys'
Test it:
$ ssh username@192.168.1.123
SSH Directory Permissions Settings
It is important to set the directory and file permissions for your ~/.ssh correctly.
Typically you want the permissions to be:
- .ssh directory: 700 (drwx------)
- public key (.pub file): 644 (-rw-r--r--)
- private key (id_rsa): 600 (-rw-------)
- lastly your home directory should not be writeable by the group or others (at most 755 (drwxr-xr-x)).
For example, to set these permissions do:
$ chmod 700 ~/.ssh
$ chmod 600 ~/.ssh/*
$ chmod 644 ~/.ssh/*.pub
$ ls -ltr ~/.ssh/
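To check an existing account rather than reset it, the following added example (not part of the original page) flags any path whose mode grants bits beyond the limits listed above. It assumes GNU stat, treats every non-.pub file in .ssh as owner-only (as the chmod 600 ~/.ssh/* command does), and its function names are made up for this example.

```shell
#!/bin/sh
# Added example: audit ~/.ssh permissions against the limits listed above.
# Assumes GNU coreutils stat (-c/-L). All function names are hypothetical.

# mode_of PATH: print octal permission bits (e.g. 700), following symlinks.
mode_of() { stat -L -c '%a' "$1" 2>/dev/null; }

# too_open MODE MAX: succeed if MODE grants any bit that MAX does not.
too_open() { [ $(( 0$1 & ~0$2 & 07777 )) -ne 0 ]; }

# check PATH MAX: print one FINDING line if PATH is more permissive than MAX.
check() {
    mode=$(mode_of "$1") || return 0      # unreadable or vanished: skip
    if too_open "$mode" "$2"; then
        echo "FINDING: $1 is mode $mode, expected at most $2"
    fi
}

# audit_ssh_perms HOME_DIR: check the home dir, .ssh, and every file in it.
audit_ssh_perms() {
    home=$1
    check "$home" 755                     # no group/other write on home
    if [ ! -d "$home/.ssh" ]; then
        echo "no .ssh directory under $home" >&2
        return 0
    fi
    check "$home/.ssh" 700
    for f in "$home/.ssh"/*; do
        [ -f "$f" ] || continue           # skip subdirectories, empty glob
        case $f in
            *.pub) check "$f" 644 ;;      # public keys may be world-readable
            *)     check "$f" 600 ;;      # everything else: owner only
        esac
    done
    return 0
}
```

Call it as audit_ssh_perms "$HOME"; no output means nothing exceeded the limits.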