That’s great to hear! It’s funny, I still learn little things I didn’t know when I’m making “entry level” videos. Like I had to actually figure out why/how eval was required, etc. It’s been muscle memory for so long, that the details get fuzzy. :)
@@shawnp0wers yeah this is absolutely correct. I recently did a little research about SSH key management and logging in with those, this is why I said "all of it" 😂
Great video Shaun! I am setting up NAPALM for netbox and was struggling to understand a article on how to setup the SSH part... but it makes sense now :D
I knew you can do the eval to set this up, but it never occurred to me that I can copy and paste the export statements to all my terminals. Now I am not "stuck" with that specific terminal. Thanks for this video!
In the recent interview i had for a junior linux sysadmin position one of the tests they gave me was configure ssh rsa login for a user in linux. They allowed me to google so i managed but it took time. I wish i had watched this before.
Ok... I have to say, them letting you use google was incredible. I know I say it a lot, but that's how sysadmins do things. We can't remember everything all the time. Being able to google in an interview, and showing your ability to figure stuff out? GREAT interviewing process. That company impresses me. Also, sorry you didn't see the video first! Glad you're here now. :)
@@shawnp0wers Yes i was also very impressed with them! After the interview they invited me to lunch at a nice Ramen shop. It was definitely the best interview process i have been to.
Hello Shawn, thank you for this amazing video first, i just had an issue when i try to connect to to the remote(tast2) so when i typed ssh test2 it gave me this error "ssh : could not resolve hostname rocky: name or service not know" but if i use "test@x.x.x.x" it will work fine what i think is that i must edit the host file so i can define ip=machine so i can reference it with user only instead of ip if am correct in this how i can manage to do that? sorry in advance if my English is so bad (it's my second language) كل الحب ❤
A few years ago I was hand overing a windows network with an only one Linux server to a new administrator that had no experience with Linux. Poor guy was in shock the whole day when he asked for SSH password and I told him that it doesn't have any & you should use a key to login, cause he though it was a security flaw! 😅
Yes - you can specify key only for certain accounts, or you can disable password logins altogether. :) Also - this isn’t the official thanks from me, but thank you for becoming a Patron!!! You’re part of the reason I’m not home!
Hi Shawn, I am following along with you, does it work with a virtual machine installed on top of my linux mint computer? It errors out when I try to copy the key ERRORL ssh: connect to host (hostname) port 22: Connection refused
It should work, assuming the virtual machine networking can connect to wherever you're trying to connect -- but connection refused might mean the computer you're connecting to doesn't have the ssh server installed... "sudo apt install openssh-server" on the computer you're trying to ssh into will make sure the service is running on the remote machine. (you have to do that *on* the remote machine, to be clear) If that doesn't help, give me some more details. :)
Is there any way to protect the ssh port using an internal vpn on the server that only the ssh is local and through the vpn one is the only one that has access to that port
This addresses the situation (pin not intended, but lol) - serverfault.com/questions/605446/make-sshd-listen-to-a-specific-interface And while I didn’t read the entire thread, you could probably limit access with the local firewall too, if not with the ssh daemon directly. Hope that helps!
That's true. It means another set of authentication issues to deal with if you're trying to automate things, but indeed it can add a layer of security on to SSH keys. :)
good to get that notification, awesome tutorial. The weird thing is even though I know all of it, it is really exciting to watch the entire videos :D
That’s great to hear! It’s funny, I still learn little things I didn’t know when I’m making “entry level” videos. Like I had to actually figure out why/how eval was required, etc. It’s been muscle memory for so long, that the details get fuzzy. :)
@@shawnp0wers yeah this is absolutely correct. I recently did a little research about SSH key management and logging in with those, this is why I said "all of it" 😂
Very enjoyable to watch and learn, thanks! Another idea: how to enable https for home lab lan without having a public domain.
Great stuff. Better understand SSH-AGENT now. Never saw the backtick trick. Nice 🙂
Great video Shaun! I am setting up NAPALM for netbox and was struggling to understand a article on how to setup the SSH part... but it makes sense now :D
Oh sweet! I'm glad it helped! (the passphrase/no_passphrase/agent stuff can be mind bending!!!)
I knew you can do the eval to set this up, but it never occurred to me that I can copy and paste the export statements to all my terminals. Now I am not "stuck" with that specific terminal. Thanks for this video!
Good point! I hadn’t considered that, even after making the video. Nice!
Yeah, that definitely filled in gaps in my knowledge about SSH-Agent. I've been meaning to setup keypairs for my proxmox server.
Nice! I need to get certs installed on my proxmox servers... Since they're internal, I've been lazy about it...
@@shawnp0wers Haha same! That's been in the back of my mind for several months.
Finally found the time to digest this video, thanks Shaun.... Just implemented this on my proxmox server 🙂 moving between servers is now a breeze
Sweet!!!
Thank you so much for this video tutorial
You make learning fun. Thank you!
Thank you!
In the recent interview i had for a junior linux sysadmin position one of the tests they gave me was configure ssh rsa login for a user in linux. They allowed me to google so i managed but it took time. I wish i had watched this before.
Ok... I have to say, them letting you use google was incredible. I know I say it a lot, but that's how sysadmins do things. We can't remember everything all the time. Being able to google in an interview, and showing your ability to figure stuff out? GREAT interviewing process. That company impresses me.
Also, sorry you didn't see the video first! Glad you're here now. :)
@@shawnp0wers Yes i was also very impressed with them! After the interview they invited me to lunch at a nice Ramen shop. It was definitely the best interview process i have been to.
it was a great video for beginners like me
Hello Shawn, thank you for this amazing video first, i just had an issue when i try to connect to to the remote(tast2) so when i typed ssh test2 it gave me this error "ssh : could not resolve hostname rocky: name or service not know"
but if i use "test@x.x.x.x" it will work fine
what i think is that i must edit the host file so i can define ip=machine so i can reference it with user only instead of ip
if am correct in this how i can manage to do that?
sorry in advance if my English is so bad (it's my second language) كل الحب ❤
Excellent!
A few years ago I was hand overing a windows network with an only one Linux server to a new administrator that had no experience with Linux. Poor guy was in shock the whole day when he asked for SSH password and I told him that it doesn't have any & you should use a key to login, cause he though it was a security flaw! 😅
Oof! In his defense, the learning curve is pretty steep. (Which, honestly is why I am so passionate about teaching it!)
@@shawnp0wers and you're the best at it! 🙌🏻❤️
Can you disable the password function for accounts that have a key pair or force the system to only allow a key pair log in for all user accounts?
Yes - you can specify key only for certain accounts, or you can disable password logins altogether. :)
Also - this isn’t the official thanks from me, but thank you for becoming a Patron!!! You’re part of the reason I’m not home!
Hi Shawn, I am following along with you, does it work with a virtual machine installed on top of my linux mint computer? It errors out when I try to copy the key ERRORL ssh: connect to host (hostname) port 22: Connection refused
It should work, assuming the virtual machine networking can connect to wherever you're trying to connect -- but connection refused might mean the computer you're connecting to doesn't have the ssh server installed... "sudo apt install openssh-server" on the computer you're trying to ssh into will make sure the service is running on the remote machine. (you have to do that *on* the remote machine, to be clear)
If that doesn't help, give me some more details. :)
@@shawnp0wers will do and it makes a lot of sense now ! Thank you for quick response
Is there any way to protect the ssh port using an internal vpn on the server that only the ssh is local and through the vpn one is the only one that has access to that port
This addresses the situation (pin not intended, but lol) - serverfault.com/questions/605446/make-sshd-listen-to-a-specific-interface
And while I didn’t read the entire thread, you could probably limit access with the local firewall too, if not with the ssh daemon directly. Hope that helps!
Or you can have an encrypted home folder.
That's true. It means another set of authentication issues to deal with if you're trying to automate things, but indeed it can add a layer of security on to SSH keys. :)