ssh server

  1. ssh -Q kex
  2. ssh -G USER@HOST G ^kexalgorithms
  3. ssh -v USER@HOST #debug1: kex

vim /etc/ssh/sshd_config

AllowUsers *@123.456.789.* USER@IP

KexAlgorithms sntrup761x25519-sha512@openssh.com,curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group14-sha256
Tags
ssh

ssh client

~/.ssh/config

Host ALIAS
 HostName HOST.DOM.TLD
 User USER
 
# client_loop: send disconnect: Broken pipe # NAT/Firewall Termination
Host *
 TCPKeepAlive yes
 ServerAliveInterval 30
 ServerAliveCountMax 5

init

  1. ssh-keygen -t ed25519
  2. cat ~/.ssh/id_ed25519.pub
  3. ssh-copy-id -i $HOME/.ssh/id_ed25519.pub root@bubu
  4. echo "id_ed25519 ...
Tags
ssh

SFTP Backup User

Overview

  • User backup is used for secure remote backups via SFTP only.
  • Access is restricted to a chroot jail.
  • No shell access is allowed.

Login Details

  • Host: dioxi.ddns.net
  • Port: 22
  • Username: backup
  • Protocol: SFTP
  • Remote directory after login: /data

Directory Structure

  • /mnt/data/backup → chroot jail (owned by root)
  • /mnt/data/backup/data
Tags
ssh