set system hostname: Prezime-00
edit a connection: connection 1: WAN
edit a connection: connection 2: LAN: IPv4 CONFIGURATION MANUAL: ADDRESSES ADD 172.17.143.1/24
yum install dhcp
File > open another terminal
nano /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example
A slightly different configuration for an internal subnet>COPY
nano /etc/dhcp/dhcpd.conf>PASTE
subnet 172.17.143.0 netmask 255.255.255.0 {
range 172.17.143.2 172.17.143.254;
option routers 172.17.143.1;
option broadcast-address 172.17.143.255;
option domain-name-servers 172.17.143.1;
}
systemctl start dhcpd
show ip
ip dhcp
ping 172.17.143.1
ping 1.1.1.1
sysctl -w net.ipv4.ip_forward=1
sysctl net.ipv4.ip_forward=1
COPY net.ipv4.ip_forward=1
nano /etc/sysctl.d/ipv4_forward.conf PASTE
firewall-cmd --direct --permanent --passthrough ipv4 -t nat -I POSTROUTING -o eth0 -j MASQUERADE
firewall-cmd --direct --permanent --passthrough ipv4 -t nat -I FORWARD -i eth1 -j ACCEPT
firewall-cmd --reload
ping 1.1.1.1
ping google.hr
yum install bind bind-utils
nano /etc/named.conf
listen-on port 53 { 172.17.143.1; };
allow-query { 172.17.143.0/24; };
forwarders { 1.1.1.1; 1.0.0.1; 8.8.8.8; 8.8.4.4; };
firewall-cmd --permanent --add-port=53/udp
systemctl start named
systemctl enable named
firewall-cmd --reload
Nat eth0 -> switch eth0
MikroTik eth1 -> switch eth1
Webterm eth0 -> switch eth2
On the webterm, uncomment the last 2 lines in EDIT CONFIG
Open the MIKROTIK
ip dhcp-client print (paste the address we get into the MikroTik's name if we want); in his case the IP is 192.168.122.139
WEBTERM terminal
ifconfig
ssh admin@192.168.122.139 (the address we obtained)
/system identity set name=Prezime-00
user add name=Ime group=full password=12345678
:quit
ssh Ime@192.168.122.139
user print, remove admin, :quit
ssh-keygen -b 4096
ls -al, ls -al .ssh, nano .ssh/id_rsa (just exit out of it), nano .ssh/id_rsa.pub (likewise, just exit)
scp .ssh/id_rsa.pub Ime@192.168.122.139:/Prezime.pub
ssh Ime@192.168.122.139
file print
user ssh-keys print
user ssh-keys import public-key-file=Prezime.pub user=Ime, user ssh-keys print, :quit
ssh Ime@192.168.122.139
:quit
ssh Ime@192.168.122.139 -o PubkeyAuthentication=no
Add CentOS and connect CentOS eth0 -> switch eth3
Enter CentOS and press CTRL+ALT+F2
ifconfig (we get the IP address and paste it into the CentOS node's name); in his case the IP is 192.168.122.131
Go back to the webterm terminal (Vule, check whether it is correct that this is the webterm terminal, because later it seems to me that it is CENTOS; if so, delete all of this and write just CENTOS, thanks)
ls -al .ssh, ssh osboxes@192.168.122.131, ifconfig, exit, clear
ssh-copy-id osboxes@192.168.122.131
ssh-copy-id osboxes@192.168.122.131 (I don't know why this had to be done again)
ssh-copy-id osboxes@192.168.122.131, exit
ssh osboxes@192.168.122.131 -o PubkeyAuthentication=no, set some password (it will prompt us by itself), clear
exit, ssh osboxes@192.168.122.131, sudo su, nano /etc/ssh/sshd_config
Inside, delete the # in front of PubkeyAuthentication yes, PasswordAuthentication no (change it from yes to no), delete the # in front of PermitEmptyPasswords no, EXIT THE EDITOR
systemctl restart sshd, exit, clear
Add Windows 10 and connect Win eth0 -> switch eth4
Log in to Windows: Passw0rd!
Start, Windows PowerShell (Admin)
ipconfig (paste the address into the Windows node's name); in his case the IP is 192.168.122.226
Start, Computer Management, Services and Applications, Services, OpenSSH SSH Server, Properties, Startup type: Automatic, APPLY, START on the left side
WEBTERM
ssh IEuser@192.168.122.226
ipconfig, exit, clear, close PowerShell
Open File manager, type programdata in the top middle, ssh
From Start open Notepad, in programdata right-click sshd_config, Copy as path, in Notepad Open, paste what we copied into File name, OPEN
Go back to the webterm, id_rsa.pub, refresh in programdata, in the webterm ssh IEuser@192.168.122.226
ProgramData, administrators_authorized_keys, copy administrators_authorized_keys from Notepad, Properties, Security, Advanced, Change permissions, click Authenticated Users and Disable inheritance, then pick the first option offered
Click that user again and REMOVE, the blue CHANGE at the top, type SYSTEM at the end, then OK, OK, OK
WEBTERM
ssh IEuser@192.168.122.226, EXIT, ssh IEuser@192.168.122.226 -o PubkeyAuthentication=no, exit
Go to Notepad, delete the # from PubkeyAuthentication yes, find PasswordAuthentication yes (change it to no) and remove the #, below it remove the # from PermitEmptyPasswords no, SAVE at the top right
In Computer Management, Services, click the blue RESTART
WEBTERM
ssh IEuser@192.168.122.226, dir, exit
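Added example, not part of the original notes: a shell check for the three sshd_config settings changed on CentOS and on Windows above. It shows that a line left commented out falls back to the OpenSSH default, so password login stays on. The function names and sample files are constructed, and Match blocks and Include files are not evaluated.

```shell
#!/bin/sh
# Added example (not from the original notes): audit the sshd_config keywords edited above.

# Print the effective global value of keyword $2 in file $1; $3 is the OpenSSH default.
# sshd keeps the FIRST value it reads; "#" lines are ignored; keywords are
# case-insensitive; "Keyword value" and "Keyword=value" both parse.
sshd_effective() {
    awk -v want="$2" -v dflt="$3" '
        BEGIN { want = tolower(want); val = dflt }
        { sub(/\r$/, "") }                      # tolerate CRLF from the Windows copy
        /^[ \t]*(#|$)/ { next }                 # comment or blank line
        {
            line = $0; sub(/^[ \t]+/, "", line)
            n = match(line, /[ \t=]/); if (n == 0) next
            key = tolower(substr(line, 1, n - 1))
            rest = substr(line, n)
            sub(/^[ \t]*=?[ \t]*/, "", rest); sub(/[ \t]+$/, "", rest)
            if (key == "match") exit            # Match blocks are out of scope here
            if (key == want) { val = tolower(rest); exit }
        }
        END { print val }
    ' "$1"
}

# Return 0 only when key login is on and password login is off.
audit_sshd() {
    rc=0
    # keyword:required value:default used when the line is absent or commented out
    for spec in PubkeyAuthentication:yes:yes PasswordAuthentication:no:yes \
                PermitEmptyPasswords:no:no; do
        key=${spec%%:*}; rest=${spec#*:}; need=${rest%%:*}; dflt=${rest#*:}
        got=$(sshd_effective "$1" "$key" "$dflt")
        if [ "$got" = "$need" ]; then echo "OK    $key $got"
        else echo "FAIL  $key $got (expected $need)"; rc=1; fi
    done
    return "$rc"
}

# Constructed sample config; $1 is the PasswordAuthentication line, $2 the output path.
write_sample() {
    printf '%s\n' '#Port 22' 'PubkeyAuthentication yes' "$1" 'PermitEmptyPasswords no' > "$2"
}

demo_dir=$(mktemp -d)
write_sample '#PasswordAuthentication no' "$demo_dir/half_edited"   # "#" left in place
write_sample 'PasswordAuthentication no'  "$demo_dir/hardened"
audit_sshd "$demo_dir/half_edited" || echo "=> password logins are still accepted"
audit_sshd "$demo_dir/hardened"    && echo "=> key-only login is enforced"
```

On the CentOS host itself, `sshd -T` run as root prints the configuration the daemon actually uses, including included files.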
alex smith
Where that second firewall-cmd is, there is a mistake; it should be: firewall-cmd --direct --permanent --passthrough ipv4 -I FORWARD -i nat1 -j ACCEPT