Note: this wiki is no longer maintained. If you have any questions related to this wiki, please post them on the CrunchBang forums.
SSH (Secure SHell) allows you to remotely access and control a computer, similar to Telnet but encrypted.
A SSH client should already be installed on your local machine, so you just need to install the server software on your remote machine.
sudo apt-get install openssh-server
For more information on installing applications, see here.
Now on the client machine you should be able to access the remote machine.
Where 'user' is your login name for the server and 'user-server' is the name of the remote computer, basically what comes up on your bash prompt when you open a terminal, if a user name isn't supplied it will default to your current user name so 'ssh user-server' may also work.
Once you have supplied your login password then you should have access to the remote computer.
Will log out of the remote computer.
Now to secure SSH, at the moment your only protection is your login password.
The first step is to generate a public private key.
On your local computer:
this will create a public and private key, it will ask you if you want to add a password, whether you add one is up to you, some one will still need the key to access the remote machine, the password will add an extra layer of protection if somebody does get hold of the key.
scp ~/.ssh/id_rsa.pub user@user-server:~/
This will copy the public key over to the remote machine.
Now you need to log in to your remote machine:
Then to add the key to the correct file:
cat ~/id_rsa.pub >> ~/.ssh/authorized_keys
You don't need this copy of the key any more so you can delete it:
(note you could scp the key straight over to ~/.ssh/authorized_keys, but this way ensures you don't over write any existing keys.)
Now to modify the config file, while still logged into the remote computer:
sudo nano /etc/ssh/sshd_config
(note don't user a GUI text editor for this, any terminal text editor is fine though.)
and modify these two lines:
RSAAuthentication yes PubkeyAuthentication yes
they enable key authentication.
Now to remove the login password, so that you only require the key, and any password that requires.
ChallengeResponseAuthentication no PasswordAuthentication no UsePAM no
As an extra security measure you can specify who is allowed to login by changing this line:
then save and exit.
Now to reload the config file.
Your settings should now be in effect, and you can logout of the remote machine.
SSH allows you to do a variety of things, heres a few