Note: This post is outdated. I’d recommend against using RSA for new systems — prefer Ed25519 or ECDSA instead. I also wish I’d learned more about the SSH protocol earlier.

This guide uses Debian 12 in a VM on Proxmox. A fresh Debian install should have the user configured with sudo already.

1. Install OpenSSH Server

sudo apt install openssh-server

2. Confirm SSH Access

ssh username@ipaddress

3. Generate SSH Keys

RSA is used here for familiarity but Ed25519 is faster and more secure. Never share your private key.

ssh-keygen -t rsa -b 4096 -f ~/.ssh/[filename] -C "[useful comment]"

Options:

• -t rsa — RSA encryption
• -b 4096 — 4096-bit key size
• -f — key file name and location
• -C — identifying comment

4. Copy the Public Key to the Server

ssh-copy-id -i .ssh/[filename] username@ipaddress

This creates ~/.ssh/authorized_keys on the server automatically.

5. Disable Password Authentication

sudo vim /etc/ssh/sshd_config

Add:

PasswordAuthentication no
ChallengeResponseAuthentication no
UsePAM no

6. Set a Static IP

# Identify your network interface
ip a

# Edit the interfaces file
sudo vim /etc/network/interfaces

# Add under your primary interface:
# iface [interface] inet static
# address [ip address]
# gateway [default gateway]

# Apply changes
sudo systemctl restart networking
sudo reboot

# Verify after reboot
ip a

7. SSH Agent for Passwordless Login

eval $(ssh-agent)
ssh-add ~/.ssh/[keyname]

8. SSH Config File

Create ~/.ssh/config to avoid running eval $(ssh-agent) each session:

Host Debian-Server
  Hostname 192.168.1.20
  User joseph
  Port 2222

Host Win-Server
  Hostname 192.168.1.53
  User joseph

Then connect with just:

ssh Debian-Server
ssh Win-Server

Last modified on 2024-12-07