i have been trying to set up a lan only ssh server so i can access high powered computing from my android phone as well. i simply wish to work on programming problems while laying down as i am ill.
i have added custom options to a .conf file at /etc/ssh/sshd_config.d/ and have made sure it is included in the original /etc/ssh/sshd_config file as well.
however, i cant seem to get my head around the actual key pair authentication.
how could it be that i am generating a key pair on my client device, but should be able to ssh-copy-id my public key to authorized_keys file of the very server connection i am trying to connect to? naturally this fails with a connection refused since i am not allowed to connect in the first place.
i tried copying the file locally to the server and adding it via >>, but i’m still unable to get access even with a restart of the entire daemon service.
moreover, the ubuntu tutorials have some oddities that do not work on the new 24.04 distro –
there is no such service sshd.service that is able to be started by systemctl, i am simply having to sudo start the ssh service which in turn runs the daemon as an elevated service as verified by ps -A
another issue that is giving me trouble is that the daemon is connecting via ipv6. i actually would like to use ipv6 since it is modern, but i am unable to find an example on how to do this:
for ipv4 we would do:
ssh [email protected]
but what to do for ipv6? these fail:
ssh user@::
ssh user@[::]
ssh user@::1
ssh user@[::1]
these addresses show up as being connected to port 22 so i am sure one of these are the target ip. even if i used the mapped ipv4 the connection is refused - obviously since the key has not been authorized in the first place...
every single source/guide i have looked up seems to become very obscure at exactly around this point so it is rather frustrating. others expect me to read through their entire sysadmin course material or the entirety of ssh, sshd, sshd_config, ssh_client, ssh_server man pages which is not feasible for me at the moment. i am simply trying to connect locally, not constructing an enterprise intra net.
are there any full thorough guides or advice that would enable me to sort this out? any links would be greatly helpful & appreciated as well.
Apparently the unit file of the deamons dropped their ‘d’ in newer debians.
so the unit file is now called ssh.service
ip v4 or v6 are network layers, they do not impact applicative layer.
To connect to the loopback (no network) use ssh $user@::1 or ssh $user@'::1' work fine.
To connect from internet use the global ip see ip -br a, make sure you can ping first.
From a phone there apps like juice-ssh that take care of the key generation for you.
https://juicessh.com/faq/how-do-i-generate-an-ssh-key-within-juicessh