drwasabi
/
site
forked from team/site
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

fix windows terminal recommendations

This commit is contained in:
Ben Harris 2019-02-04 10:35:39 -05:00
parent af225b4924
commit d026edfd2e
1 changed files with 43 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

75
wiki/pages/ssh.md
View File

@ -3,22 +3,23 @@ author: ~ben
published: true
title: ssh
description: ssh tutorial and background info
category:
- main
category:
- main
---
# ssh
*or, how to tell other computers to do cool things*
_or, how to tell other computers to do cool things_
---
> all users are now required to use an ssh keypair for login, or will be required to proceed with manual account recovery with [~ben](/~ben/) or another admin. drop a line to [sudoers@tilde.team](mailto:sudoers@tilde.team) or hop on [irc](https://web.tilde.chat/?join=sudoers) for assistance.
> all users are required to use an ssh keypair for login, or will be required to proceed with manual account recovery with [~ben](/~ben/) or another admin. drop a line to [sudoers@tilde.team](mailto:sudoers@tilde.team) or hop on [irc](https://web.tilde.chat/?join=sudoers) for assistance.
## tilde.team details
ports 22, 80, 443, and 2222 are available for ssh.
the primary ip has 80 and 443 in use by nginx.
the primary ip has 80 and 443 in use by nginx.
use ssh.tilde.team to reach the secondary ip and use 80 and 443 for ssh.
@ -29,13 +30,13 @@ ssh -p 443 user@ssh.tilde.team
ssh user@tilde.team # this uses port 22, which can be blocked on some networks
```
---
## intro
** if you just want to get right to a tutorial you can [skip over this background info](#how-to-make-an-ssh-key)**
while [tilde.team](https://tilde.team) is accessible on the web and features lovely web pages written by its users, all of the interaction with tilde.team takes place **inside the machine** that runs tilde.team as opposed to via web forms that have an effect from **outside** tilde.team's computer.
while [tilde.team](https://tilde.team) is accessible on the web and features lovely web pages written by its users, most interaction with tilde.team takes place **inside the machine** that runs tilde.team as opposed to via web forms that have an effect from **outside** tilde.team's computer.
this is what sets tilde.team apart from most other online communities. you connect directly to another computer from yours alongside other people and then write your web pages, chat, and play games all via text-based interfaces right on tilde.team's computer.
@ -43,16 +44,15 @@ prior to the web (which debuted in 1995) this is how pretty much all computer st
for a long time, people used a tool called [`telnet`](https://en.wikipedia.org/wiki/telnet) to connect to other computers. these days we use a tool called **ssh**.
`ssh` is a text-based tool that provides a direct connection from your computer to another. ssh is an acronym that stands for secure shell. the *shell* part refers to the fact that it's a text-based tool; we use the word shell to refer to a text-based interface that you give commands to. the *secure* part refers to the fact that, when you're using ssh, no one can spy on your connection to another computer (unlike the old `telnet` command).
**why bother with all of this?** passwords are really insecure and hard to manage. using keys makes life easier for you, fair user (your account is less likely to be hacked) and for me, your humble sysadmin (less administration than passwords).
`ssh` is a text-based tool that provides a direct connection from your computer to another. ssh is an acronym that stands for secure shell. the _shell_ part refers to the fact that it's a text-based tool; we use the word shell to refer to a text-based interface that you give commands to. the _secure_ part refers to the fact that, when you're using ssh, no one can spy on your connection to another computer (unlike the old `telnet` command).
**why bother with all of this?** passwords are really insecure and hard to manage. using keys makes life easier for you, fair user (your account is less likely to be hacked) and for me, your humble sysadmin (less administration than passwords).
---
## how to make an ssh key
SSH supports a handful of types of cryptographic keys. The most used are [RSA](https://en.wikipedia.org/wiki/RSA_(cryptosystem)) and the more modern [Ed25519](https://en.wikipedia.org/wiki/EdDSA#Ed25519).
SSH supports a handful of types of cryptographic keys. The most used are [RSA](<https://en.wikipedia.org/wiki/RSA_(cryptosystem)>) and the more modern [Ed25519](https://en.wikipedia.org/wiki/EdDSA#Ed25519).
RSA is the de-facto standard and is supported everywhere (just choose a big enough key like 4096bits to be secure). Ed25519 is designed to be faster and smaller withouth sacrificing security, so is best suited for embedded devices or machines with low resources. It's supported on tilde (and really on anymodern system) but you may find older systems which do not support it.
@ -61,30 +61,34 @@ Below you'll find instructions to generate either type (or both if you want).
Keep in mind that these instructions leave your private keys unencrypted in your local hard disk. So keep them private; never share them.
A good solution is to provide a password for them at creation time, but this implies entering a password any time you used them (impractical) or use something like [ssh-agent](https://man.openbsd.org/ssh-agent.1) (a bit more complex)
We don't have documentation for this [(yet)](https://tildegit.org/team/site/src/branch/master/wiki) so either go with no password keys, or ask on IRC (#team) for help.
We don't have documentation for this [(yet)](https://tildegit.org/team/site/src/branch/master/wiki) so either go with no password keys, or ask on IRC ([#team](https://web.tilde.chat/?join=team)) for help.
pick your fighter: [[mac](#mac)] | [[windows](#windows)] | [[linux](#linux)]
---
### mac
#### generating your keypair
1. open terminal (it's in `/Applications/Utilities`)
1. create your .ssh directory:
1. create your .ssh directory:
```bash
mkdir -m 700 ~/.ssh
```
1. create your keys:
1. create your keys:
for rsa keys:
For RSA keys:
```bash
ssh-keygen -t rsa -b 4096
```
For Ed25519 keys:
for dd25519 keys:
```bash
ssh-keygen -t ed25519 -a 100
```
@ -102,15 +106,17 @@ once [~ben](https://tilde.team/~ben/) or another admin approves your signup, you
1. open terminal (it's in `/Applications/Utilities`)
1. `ssh` to tilde.team:
```bash
ssh username@tilde.team
```
where username is your username (~ben would use `ssh ben@tilde.team`)
1. profit???
---
### windows
there are a couple options for using ssh on windows these days. i like to use [git bash](https://git-scm.com).
@ -118,28 +124,29 @@ there are a couple options for using ssh on windows these days. i like to use [g
#### generating your keypair
choose from any of the following options:
* [windows subsystem for linux](https://docs.microsoft.com/en-us/windows/wsl/install-win10)
* [cmder](http://cmder.net)
* [cygwin](https://cygwin.com)
* [putty](https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html)
* [msys2](http://www.msys2.org/)
* [git bash](https://git-scm.com)
- [windows subsystem for linux](https://docs.microsoft.com/en-us/windows/wsl/install-win10)
- [msys2](http://www.msys2.org/)
- [git bash](https://git-scm.com)
1. open your new shell
1. create your .ssh directory
```bash
mkdir .ssh
```
1. create your keypair
For RSA keys:
for rsa keys:
```bash
ssh-keygen -t rsa -b 4096
```
For Ed25519 keys:
for ed25519 keys:
```bash
ssh-keygen -t ed25519 -a 100
```
@ -150,7 +157,6 @@ ssh-keygen -t ed25519 -a 100
1. copy the output of the last command and paste it in the sshkey field on the signup form (or email it to [~sudoers](mailto:sudoers@tilde.team) if you already have an account)
#### using your keypair
once [~ben](https://tilde.team/~ben/) or another admin approves your signup, you can join the tilde.team
@ -158,15 +164,17 @@ once [~ben](https://tilde.team/~ben/) or another admin approves your signup, you
1. open terminal (it's in `/Applications/Utilities`)
1. `ssh` to tilde.team:
```bash
ssh username@tilde.team
```
where username is your username (~ben would use `ssh ben@tilde.team`)
1. profit???
---
### linux
there are a lot of linux distros, but `ssh` and `ssh-keygen` should be available in almost all cases. if they're not, look up how to install ssh for your distro.
@ -174,18 +182,21 @@ there are a lot of linux distros, but `ssh` and `ssh-keygen` should be available
#### generating your keypair
1. make sure you have a `~/.ssh` directory
```bash
mkdir -m 700 ~/.ssh
```
1. create your keys
For RSA keys:
for rsa keys:
```bash
ssh-keygen -t rsa -b 4096
```
For Ed25519 keys:
for ed25519 keys:
```bash
ssh-keygen -t ed25519 -a 100
```
@ -196,7 +207,6 @@ ssh-keygen -t ed25519 -a 100
1. copy the output of the last command and paste it in the sshkey field on the signup form (or email it to [sudoers@tilde.team](mailto:sudoers@tilde.team) if you already have an account)
#### using your keypair
once [~ben](https://tilde.team/~ben/) or another admin approves your signup, you can join the tilde.team
@ -204,9 +214,11 @@ once [~ben](https://tilde.team/~ben/) or another admin approves your signup, you
1. open a terminal (this depends on your distro)
1. `ssh` to tilde.team:
```bash
ssh username@tilde.team
```
where username is your username (~ben would use `ssh ben@tilde.team`)
1. profit???
@ -214,4 +226,3 @@ where username is your username (~ben would use `ssh ben@tilde.team`)
---
this tutorial is based on and uses parts of [the tilde.club ssh primer](https://github.com/tildeclub/tilde.club/blob/master/docs/ssh.md) and [the tilde.town ssh guide](https://tilde.town/wiki/ssh.html).