Creating a new user and setting up their keys in SSH.

 SSH, shortly abbreviated for Secure Shell,  is a network protocol that provides secure access to a computer and manages devices over an unsecured network. It widely used by system admins, developers, and network engineers. SSH uses the port 22 and on a side note, HTTPS uses port 443 and port 80 is the default port for web servers. Some key features of SSH are:

1. It encrypts all data between the client and the server, making it reliable for crucial data.

2. It prompts the user with password authentication as well as key authentication ( public and private keys) which adds another layer of security.

3.  With port forwarding, SSH can forward network traffic, securing data.

4. With SCP (Secure Copy) and SFTP (SSH File Transfer Protocol) allow secure file transaction.

5. Users can interact on a remote session using commands via SSH session.

Steps to set up the key for a new user:

1.  "useradd username"

"useradd" command will allow the individual to add a new username to their interface and username is the name of your choice provided it is not found on the device.

If a username already exists, then the user will be prompted by the message above " user "cybersec" already exists."

2. "passwd username"

"passwd" command prompts the user to input a new password and then retype the new password for validation. "username" will determine to which user should the new password be applied.

If ever, a password has already been created and the user wants to change it, they must use " chpasswd username".

3. "ssh-keygen -t rsa"

This command will generate a public key as well as a private key. Once created, the user will be prompted to input a passphrase to secure the keys. 

".ssh/id_rsa.pub" is the public key and ".ssh/id_rsa" is your private key. PRIVATE KEY must be kept confidential and secured whereas PUBLIC KEY can be shared.

To check or view your public key, the command blow is input.

"cat ~/.ssh/authorised_keys" 

Copy the public key by highlighting the whole output from "ssh-rsa...." to the end with your left click. or simply use the command " ssh-copy-id username@serverip". This will copy the public key associated with the username and add it to the server. 

To check if the public key is on the server, then use "ssh username@serverip"

4. If the user wants to push the public key on another platform, e.g. Github, they can proceed with the steps below.

 i) After copying the public key,  navigate to Github settings.

ii) Look for SSH & GPG key

iii) Add new key, name the key and paste it where applicable.

To check for validity, use "ssh-T git@github.com"

Comments

Post a Comment

Popular posts from this blog

Domain Name System( DNS)- Recursive DNS

 What is DNS? When someone type in a domain name (Ex. google.com), it triggers a DNS lookup . During that process, the domain name will match a corresponding IP address that will be returned back to the client. There are 2 types of DNS lookups; iterative and recursive.   A recursive DNS lookup implies that one DNS server interacts with other DNS servers and returns a matching IP address to the client. On a side note, a DNS server is when a user types a domain name. This enable a DNS lookup where several remote computers return a corresponding IP address to the user's computer and allow them to access the correct website. A DNS query on the other hand implies that the client can communicate directly to each DNS server involved in the lookup. In a DNS lookup, there are several DNS servers involved; DNS resolver, DNS root server, DNS TLD (Top-Level Domain) server, and DNS authoritative nameserver. In iterative DNS lookup, DNS resolver asks each DNS one by one until it finds t...
Read more

SSH (Secure Shell) and Virtual Private Network(VPN)

 As stated in my previous blog, SSH and VPN works almost similarly. They both provide the user with secure access to transfer data over an unsecured network. However, they serve different purposes. SSH is a protocol primarily designed for secure access to individual servers or devices. Users can execute commands, transfer files, and  forward specific ports, while encrypting the data. It is focused towards ensuring the completion of tasks, making it ideal for system admin and developers who need direct interaction over a remote server. VPN, on the other hand, is a wider solution that ensure the security of all internet traffic between devices and a remote server. It creates an encrypted tunnel to protect online activity and masks the IP address. It is used to provide remote access to an organization's private network, or perhaps enhance privacy on a public network like in Cafe, malls, etc... Both of them also possess drawbacks. SSH has limited network access and it requires exp...
Read more