Miner.farm Crypto Currency Community Forum
Browse and post your favorite coin/crypto news, miner.farm and PiMP OS updates and announcements, mining guides, overclocking tips, and more...
- Configuring the rig: Help / Getting started videos
- How to fix problems: Troubleshooting guides
- How to mine different algos / setup wallets: Strategy guides
- Keys and Downloads: your Miner.farm account page
- Post your rig pics to the rig showcase so we can all check out your awesome builds!
- Please subscribe/like/follow us on social media
Passwordless SSH from Linux/BSD/MacOS
This tutorial is a basic rundown of commands. Check the source referenced above for more detail. Or use your favorite internet search engine.
Your SSH server (pimp machines) are only as secure as your passphrase. Also, it's just plain annoying to type the damnable thing at every login or file transfer. Fix it with passwordless login key exchange and disable passwords at login.
For the purposes of this tutorial, I will use $CLIENT to indicate the machine you SSH from and $HOST to indicate the machine you SSH to. Commands will be couched in code blocks
$HOST > like this $CLIENT # and this
a prompt ":>" is a non-root prompt, while "#" is root user. Yours may be different (probably is, at least for non-root) in your shell config file and need to adjust your reading accordingly.
I'll be using
<HOST_IP>to indicate where IP addresses for the machines should be substituted. If you have changed your host name in ($HOST)
/etc/hostname, and have added your pimp rig to your $CLIENT
/etc/hostsor have configured your router to respect hostnames on your LAN, you can use the hostname instead. (I configure all three to take no chances, and configure a fixed-IP for my rigs. LAN best practices.)
01. Check for existing SSH key pair. ($CLIENT)
$CLIENT :> ls -al ~/.ssh/id_*.pub
If this command returns one or more file names, you already have SSH keys and can skip to step 03. Or you can create a separate set of keys, but that's beyond the scope of this tutorial.
02. Generate SSH key pair ($CLIENT)
$CLIENT :> ssh-keygen -t rsa -b 4096 -C "some_email@some_domain.com"
The keygen process will ask where to store the keys. The default location is ideal unless you have a compelling reason to change it.
Follow the prompts. The process should be complete when you are returned to your shell prompt. Still, you should verify that the files were created.
$CLIENT :> ls ~/.ssh/id_*
You should have an
03. Push keys to $HOST
Your $HOST needs a copy of the public key. You can do this manually (details not in this tut) but the ssh client package provides an easy way to do this.
By default, pimpos wants us to use the root user. Unless you have created and use a regular user (with
doasprivileges) (which you should do because logging as root, especially over the network, is bad bad admin practice.) This tut, however, assumes you have not changed this practice. If you have (good for you!), you will need to modify the login appropriately.
$CLIENT :> ssh-copy-id root@HOST_IP
SSH will ask for your pimp passphrase and copy the public key of $CLIENT to the $HOST.
05. Verify all went well.
$CLIENT :> ssh root@HOST_IP
You should be presented with your pimp shell prompt and not be asked to enter the passphrase. If you configured the ssh key with a passphrase, you will be asked for it.
04. Disable $HOST password login. (optional but recommended)
After verifying you can log into an account with administrative privilege (root or user with
doaspermission), you can secure your $HOST by disabling password authentication.
Log in to your $HOST (hurray! no password) and edit the file
Search for and modify the following lines so they match.
PasswordAuthentication no ChallengeResponseAuthentication no UsePAM no
Save and close the file. Now you need to restart the ssh server process.
$HOST # systemctl restart ssh
Done. Happy administering.
We promise to keep your email safe and never spam you.
© 2014-2020 Miner.farm | By Miners, For Miners | Portable Instant Mining Platform, LLC