Security & Privacy
SSL/TLS
Check client (browser, typically) and server capabilities:
https://www.howsmyssl.com/
https://cc.dcsec.uni-hannover.de/
https://www.ssllabs.com/
Check client (browser, typically) and server capabilities:
https://www.howsmyssl.com/
https://cc.dcsec.uni-hannover.de/
https://www.ssllabs.com/
OpenSSH
Standard TCP port is 22.
The ssh-keygen utility produces the public and private keys, always in pairs.
ssh
ssh -V gives version & exits.
ssh -v gives debugging messages; up to 3 v's may be given.
The list of authorized public keys is typically stored in the home directory of the user that is allowed to log in remotely, in the file ~/.ssh/authorized_keys. This file is respected by ssh only if it is not writable by anything apart from the owner and root.
System-wide configuration file (/etc/ssh/ssh_config); the default for the per-user configuration file is ~/.ssh/config.
Files from which the identity (private key) for public key authentication is read : ~/.ssh/id_dsa, ~/.ssh/id_ecdsa, ~/.ssh/id_ed25519 and ~/.ssh/id_rsa for protocol version 2.
~/.ssh/id_dsa.pub, ~/.ssh/id_ecdsa.pub, ~/.ssh/id_ed25519.pub , ~/.ssh/id_rsa.pub : contain the public keys for authentication.
ssh automatically maintains and checks a database containing identification for all hosts it has ever been used with. Host keys are stored in ~/.ssh/known_hosts in the user's home directory. Additionally, the file /etc/ssh/ssh_known_hosts is automatically checked for known hosts.
When connecting to a server for the first time, a fingerprint of the server's public key is presented to the user (unless the option StrictHostKeyChecking has been disabled). Fingerprints can be determined using ssh-keygen(1): $ ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key
Standard TCP port is 22.
The ssh-keygen utility produces the public and private keys, always in pairs.
- ssh(1) - The basic rlogin/rsh-like client program.
- sshd(8) - The daemon that permits you to login.
- ssh_config(5) - The client configuration file.
- sshd_config(5) - The daemon configuration file.
- ssh-agent(1) - An authentication agent that can store private keys.
- ssh-add(1) - Tool which adds keys to in the above agent.
- sftp(1) - FTP-like program that works over SSH1 and SSH2 protocol.
- scp(1) - File copy program that acts like rcp(1).
- ssh-keygen(1) - Key generation tool.
- sftp-server(8) - SFTP server subsystem (started automatically by sshd).
- ssh-keyscan(1) - Utility for gathering public host keys from a number of hosts.
- ssh-keysign(8) - Helper program for hostbased authentication.
ssh
ssh -V gives version & exits.
ssh -v gives debugging messages; up to 3 v's may be given.
The list of authorized public keys is typically stored in the home directory of the user that is allowed to log in remotely, in the file ~/.ssh/authorized_keys. This file is respected by ssh only if it is not writable by anything apart from the owner and root.
System-wide configuration file (/etc/ssh/ssh_config); the default for the per-user configuration file is ~/.ssh/config.
Files from which the identity (private key) for public key authentication is read : ~/.ssh/id_dsa, ~/.ssh/id_ecdsa, ~/.ssh/id_ed25519 and ~/.ssh/id_rsa for protocol version 2.
~/.ssh/id_dsa.pub, ~/.ssh/id_ecdsa.pub, ~/.ssh/id_ed25519.pub , ~/.ssh/id_rsa.pub : contain the public keys for authentication.
ssh automatically maintains and checks a database containing identification for all hosts it has ever been used with. Host keys are stored in ~/.ssh/known_hosts in the user's home directory. Additionally, the file /etc/ssh/ssh_known_hosts is automatically checked for known hosts.
When connecting to a server for the first time, a fingerprint of the server's public key is presented to the user (unless the option StrictHostKeyChecking has been disabled). Fingerprints can be determined using ssh-keygen(1): $ ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key