Linux SSH configuration

tux linux ssh

Things covered here:-

    • Hardware overview
    • Network configuration
    • Update the system and installing ssh client and/or server
    • Using simple naming
    • Logging into and sending files over secure channels
    • Restricting users and IP addresses
    • Router settings for web access
    • Router setting for portforwarding to a server
    • Dispensing with password verification


Hardware overview

Let’s suppose we have 4 raspberry pi computers, a desktop computer and another computer acting as an internet accessible ssh server, all to be given unique static IP addresses. We also have them all connected into a switch and a router with Cat5 LAN cables. The router’s IP address is assumed to be, accessible with your browser.


Network configuration

will tell you the name of the network card, usually “eth0”.


Then use one of the following three methods:

Use the network widget on your desktop to set up a unique static address.


Or precede with sudo an editor (such as nano) command of the file /etc/dhcpcd.conf thusly, using unique “address” lines for each computer:


Or edit /etc/network/interfaces thusly


Save the file and restart the network with the new configuration file


You can test the card is configured by pinging it and Google with


Update the system and installing the ssh client and/or server

With Raspbian, which is a Debian packages based system, run on all machines in turn


Using simple naming

Edit the file /etc/hosts on the desktop computer thusly:


Logging into and sending files over secure channels.

To log from your desktop account to your account on Pi number 3 you can do


To log in with the ability to run X Window applications do


To copy a file to the pi number 3 you can do

NOTE the colon.


To log into a different account on pi number 3 issue


You will be prompted for your password on the server (and the first time a key will be placed in .ssh/known_hosts in your directory).


Restricting users and IP addresses

On the desktop and pi computers edit the file /etc/ssh/sshd_config and add the line:

(paul is just an example here.)


On the server computer use the line


Then restart the ssh server to read the new config file with


Router settings for web access

Only allow your desktop and your server web access by restricting the “IP addresses” and the “MAC addresses” in your router’s software settings.

You can find the details you need to enter by running “sudo ip address” on the desktop and on the server.


Router setting for portforwarding to a server

In the router’s software accessed through a browser set portforwarding as:


Your server is now accessible for anyone on the net — use strong passwords!


Dispensing with password verification

You don’t have present your password if your pi servers recognises a key presented to them To get this working

(do not enter a pass-phrase – leave it blank)



VERY IMPORTANT: You should ensure the permissions of the private key permissions file are -rw——- with


If not use:


Finally, use strong passwords and periodically change them with the passwd command.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.