thank you for the kind words :) SSH is quite secure out-of-the-box, if you use ssh private and public keys and disable password auth. There are some things that are interesting in terms of auditing, compliance and 2FA, I will make a video about this in a few weeks, currently doing some research on that, so stay tuned! :)
A connecting client needs the private key right? How do you keep the priv key safe? Before you know you have your private key stored on multiple machines which would make strong password perhaps safer.
Generally you wouldn’t make copies of the same key, you’d keep it in some location that only you can access, like an encrypted drive. It’s best practice to audit ssh keys and create new ones.
Is it possible to create one set of ssh keys and then use those same ssh keys for the same domain account on all computers? so essentially, it would use the same key pair no matter what computer I log into as long as I use the same domain account? I was just pondering creating like a "Roaming Domain SSH Profile Account", where I can log in from any computer and use the same ssh key pair. It would be like assigning that key pair to that domain account so the user could get in from all computers in the domain using the same key pair. Possible?
Not sure if you're still monitoring this video, but I had a question about something. But first, thank you for your videos. You have helped me to finally comprehend something numerous times. When I created a key pair for one set of devices (Ubuntu client, Raspbian Host) I am able to connect without being prompted for a passphrase even though I included one in the setup. But when I tried to do the same thing with my Android as the client through Termux to the same Pi, I am being prompted for a passphrase. Any idea why?
hi, i followed the steps, yet i still have to enter my ubuntu-server user password to log on using ssh, any clue what else i have to do ? for exampe, enable port-22 or other steps ? i am trying to log on locally (not remote ssh)
Hi, I am new in the hole homelab project, i've done everything the way you explained and presented to us. But the section with "Authenticate with private and public keys" isn't working the way it should. I've watched it twice and checked where my mistake could be but i cant find anything not similar with yours. I have to write passwords anyway although having the right keys in the right files. Do you or anybody have any ideas what to do to fix my problem? btw love your content... you're helping lot more then you might know :)
Take a look in the ´sshd_config´ wherever it might be located on your system. I had to allow ´PermitRootLogin yes´ to login via root and additionally: ´PubkeyAuthentication yes´ ´PasswordAuthentication no´ Then restart the ssh service service ssh restart or systemctl restart ssh I am in the progress of setting up Ansible and used ´ssh-copy-id -i´ command instead of plain scp. Just make sure you have access to your system via some other method than SSH aswell. I installed both Dropbear and OpenSSH (different ports) just in case I lock myself out while setting this up.
@@ixutiini5793 thank u very much for the solution. but after long research overnight and multiple tries i found out that the PubkeyAuthentification yes was commented out and my ssh agend had no keys, so i simply uncommented PubkeyAuthentification in the sshd_config and added the key to the ssh agend with the command: ssh-add ~/.ssh/filenameRSA_key. Now its working fine and i can have fun again :D
please make tutorial about how to configuration ubunto network for example i have vmware machine on OVH and i installed ubunto but desktop to config network with failover ip i want know how to do it from terminal :D or if you can tell me where to check the network configuration file now to know how it done :D
Yes I used rainmeter on this video. You'll fine the theme in my github dotfiles but in 2 weeks I'll release a new video about my new Windows Development Setup, you might take a look :)
Why all videos show how to connect to a linux machine from a windows machine? I want to connect from a real linux machine to another real linux machine (no virtualization used), both are connected using wifi to the same router provided by the ISP
had to come back tot his as i had a brain fart and forgot how to do it. the best how to online about ssh keys
haha thank you :D
Worked like a charm, I have been looking for a simplified video like this. Thanks
It’s just so shameful that a channel with so much value Almost has no views while nonsense channels have millions , keep it up brother
Thank you so much bro! I'll keep doing what I do, hopefully break through at some point :)
Thanks Christian, You make the complex seem easy. Thanks very much for helping me understand the way this works.
WOW, good video and straight forward explanation !
thanks! :)
Great video. Thanks for your continued content man.
Thanks for watching!
Thanks Christian, that was cool 👍 very important to have personal VPN setup of accessing critical stuff like this over the net
Awesome! Thanks :)
@@christianlempa is a personal VPN the best way to accessing SSH or would using something like teleport, guacamole be a better option?
You are absolutely great for this!!
Thank you so much!!
Much needed video. Thanks a lot.
Thank you :)
Sir,we wana see the practical video how to ssh into home network from office network...great work,by the way...i learned a lot from yours videos
I'm doing more videos about remote access and VPNs in the future so stay tuned ;)
@@christianlempa so glad u heard me...again ,thanks for the valuable video....
Thank you so much for such a great explanation,
Thank you for watching it :)
Great video! Compliment
Very Helpful. Cheers!!
Many thanks for the great detail tutorial
Glad it was helpful!
Thank you, you're awesome
Very helpful. Thank You
thanx!! working like cake!
I'm trying to think up new architecture for older programs and apps, so that they can be used differently and maybe even make a comeback.
Great and simple video - thanks a lot, Christian!
May Ii ask where we/I can download your awesome wallpaper from?
thank you Christian
You're welcome :)
great video thanks!
Thx!
Great, thanks.
You're welcome!
loved the way you explained, any more ways to harden and
secure SSH?
thank you for the kind words :) SSH is quite secure out-of-the-box, if you use ssh private and public keys and disable password auth. There are some things that are interesting in terms of auditing, compliance and 2FA, I will make a video about this in a few weeks, currently doing some research on that, so stay tuned! :)
@@christianlempa Hey, i love your videos and your Blog! Did you make a video about that topic? Can't find it :D
Hey mate, it's included in this one here:ua-cam.com/video/Bx_HkLVBz9M/v-deo.html
@@christianlempa nice! Thanks for the quick answer! :)
A connecting client needs the private key right? How do you keep the priv key safe? Before you know you have your private key stored on multiple machines which would make strong password perhaps safer.
Generally you wouldn’t make copies of the same key, you’d keep it in some location that only you can access, like an encrypted drive. It’s best practice to audit ssh keys and create new ones.
Is it possible to create one set of ssh keys and then use those same ssh keys for the same domain account on all computers? so essentially, it would use the same key pair no matter what computer I log into as long as I use the same domain account? I was just pondering creating like a "Roaming Domain SSH Profile Account", where I can log in from any computer and use the same ssh key pair. It would be like assigning that key pair to that domain account so the user could get in from all computers in the domain using the same key pair. Possible?
Not sure if you're still monitoring this video, but I had a question about something. But first, thank you for your videos. You have helped me to finally comprehend something numerous times.
When I created a key pair for one set of devices (Ubuntu client, Raspbian Host) I am able to connect without being prompted for a passphrase even though I included one in the setup. But when I tried to do the same thing with my Android as the client through Termux to the same Pi, I am being prompted for a passphrase. Any idea why?
bruh
where is the link you are referring in 13:19?
nice video. I had a question though. How can i authenticate using user groups ? so for example : multiple users can login to my linux machine
Thanks mate! You can add multiple users on your linux machine and copy the public SSH keys for them into the authorized key file.
hi, i followed the steps, yet i still have to enter my ubuntu-server user password to log on using ssh, any clue what else i have to do ? for exampe, enable port-22 or other steps ? i am trying to log on locally (not remote ssh)
grande dolape
Hi, I am new in the hole homelab project, i've done everything the way you explained and presented to us. But the section with "Authenticate with private and public keys" isn't working the way it should. I've watched it twice and checked where my mistake could be but i cant find anything not similar with yours. I have to write passwords anyway although having the right keys in the right files. Do you or anybody have any ideas what to do to fix my problem?
btw love your content... you're helping lot more then you might know :)
Take a look in the ´sshd_config´ wherever it might be located on your system. I had to allow ´PermitRootLogin yes´ to login via root and additionally:
´PubkeyAuthentication yes´
´PasswordAuthentication no´
Then restart the ssh service
service ssh restart or systemctl restart ssh
I am in the progress of setting up Ansible and used ´ssh-copy-id -i´ command instead of plain scp.
Just make sure you have access to your system via some other method than SSH aswell. I installed both Dropbear and OpenSSH (different ports) just in case I lock myself out while setting this up.
@@ixutiini5793 thank u very much for the solution. but after long research overnight and multiple tries i found out that the PubkeyAuthentification yes was commented out and my ssh agend had no keys, so i simply uncommented PubkeyAuthentification in the sshd_config and added the key to the ssh agend with the command: ssh-add ~/.ssh/filenameRSA_key. Now its working fine and i can have fun again :D
thank you@@ixutiini5793
Need 2023 update
video about linux remote desktop
please make tutorial about how to configuration ubunto network
for example i have vmware machine on OVH and i installed ubunto but desktop to config network with failover ip
i want know how to do it from terminal :D
or if you can tell me where to check the network configuration file now to know how it done :D
Good idea, I think I will do a video on linux network configuration at some point
How did you customise your windows?
Yes I used rainmeter on this video. You'll fine the theme in my github dotfiles but in 2 weeks I'll release a new video about my new Windows Development Setup, you might take a look :)
Baysig Exblanation.
Can also use putty
Yeah, I still like Windows Terminal and the usualy CLI client more
Universal FireVall lol
lol mein Account heißt genau so und die IP ist nur an einer Stelle anders
talk too much at the beginning man, cant waste my time
Why all videos show how to connect to a linux machine from a windows machine? I want to connect from a real linux machine to another real linux machine (no virtualization used), both are connected using wifi to the same router provided by the ISP