[[fester:ssh_setup]]

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Next revisionBoth sides next revision
fester:ssh_setup [2016/06/11 15:48] – [Setting Up an SSH Console] danfester:ssh_setup [2016/06/11 16:27] – [Specify SSH Public Key For a User] dan
Line 1: Line 1:
 ====== Setting Up an SSH Console ====== ====== Setting Up an SSH Console ======
  
-SSH stands for Secure SHell, and is a secure method to connect to a remote computer over a network. +SSH stands for Secure SHell, and is a secure method to connect to a remote computer over a network.  There are many advantages to using an SSH console rather than say the shell facility in the FreeNAS GUI.
-p { margin-bottom: 0.1in; direction: ltr; color: rgb(0, 0, 0); line-height: 120%; }p.western { font-family: "Times New Roman",serif; font-size: 12pt; }p.cjk { font-family: "Times New Roman",serif; font-size: 12pt; }p.ctl { font-family: "Times New Roman",serif; font-size: 12pt; }a:visited { color: rgb(128, 0, 128); }a.western:visited {  }a.cjk:visited {  }a.ctl:visited {  }a:link { color: rgb(0, 0, 255); }There are many advantages to using an SSH console rather than say the shell facility in the FreeNAS GUI.+
  
 The SSH console is a window that has a scrolling function which means you can go back and view the output in the console. You can also select large bodies of text and copy and paste them. This can be particularly useful when trying to get help from someone as they need to see what you have done. It is also useful when compiling data (i.e. SMART test data). The SSH console is a window that has a scrolling function which means you can go back and view the output in the console. You can also select large bodies of text and copy and paste them. This can be particularly useful when trying to get help from someone as they need to see what you have done. It is also useful when compiling data (i.e. SMART test data).
  
-An SSH console is also very secure in two ways. Firstly it requires a Public/Private key and a password before you can log in to the session and the server. Secondly the connection between the server and the client is encrypted. This means any information that goes between the two cannot be read directly.+An SSH console is also very secure in two ways. Firstly it can be configured to require a Public/Private key and a password before you can log in to the session and the server. Secondly the connection between the server and the client is encrypted. This means any information that goes between the two cannot be read directly.
  
 ===== Configure SSH in FreeNAS ===== ===== Configure SSH in FreeNAS =====
 +
 +Open your web browser and type in the IP address of the FreeNAS web GUI that you noted down earlier (Fester used 192.168.0.58).
 +
 +The web GUI will present itself and ask for the login details. Enter the username which is **root** (1) and your password (2) and click the “Log In” button (3).
 +
 +{{:fester:4546365f86b7b6a07f1bd4625a420f41.png}}
 +
 +Now you are logged into FreeNAS.
 +
 +  * Now navigate to the “Services” page (1).
 +  * Click on the tiny spanner icon next to “SSH” (2).
 +  * If you do not want the root user to be able to log in using only a password (i.e., if you want to require a public key, or if you don't want the root user to be able to log in remotely at all), uncheck the “Login as Root with password” tick box (3).
 +  * If you want to require public key authentication, uncheck the “Allow password authentication” tick box (4).
 +  * Make sure the remaining tick boxes are unchecked (5).
 +  * Now click the “OK” button (6).
 +
 +{{:fester:647972c64ceada196469d6534ed658b3.png}}
 +
 +Now turn on the SSH service.
 +
 +{{:fester:3d011781aafeb935e90e626a3467e320.png}}
  
 ===== Specify SSH Public Key For a User ===== ===== Specify SSH Public Key For a User =====
 +
 +If you have required public key authentication in the SSH configuration, you'll need to tell FreeNAS what the public key is for each user who will be connecting via SSH. To do that, Navigate to the “Account” page by clicking on the Account icon (1). Now click on the “Users” button (2).
 +
 +{{:fester:66e90c4c7eff16fe31f901188c5fa71c.png}}
 +
 +Now select the “root” user account (1) (it will turn blue when selected) and click on the “Modify User” button (2).
 +
 +{{:fester:cb56ce7ed62559242f0ad951c5b75c0b.png}}
 +
 +The modify user window should now pop up. Scroll down till you come across the “SSH Public Key:” entry (1).
 +
 +Now right click in the blank box next to it and paste in the previously copied public key (2).
 +
 +Now click the “OK” button (3).
 +
 +{{:fester:d2c38fb0b46a57606ca2906c017b5831.png}}
  
 ===== Setting up PuTTY in Windows ===== ===== Setting up PuTTY in Windows =====
 +
 +Modern operating systems ship with an SSH client installed.  Unfortunately, Windows is still not a modern operating system in this regard, so a third-party client will need to be used.  Popular clients include [[https://www.bitvise.com/|Bitvise]] and [[http://www.chiark.greenend.org.uk/~sgtatham/putty/|PuTTY]].
  
 ===== Public Key Authentication in PuTTY ===== ===== Public Key Authentication in PuTTY =====
  
 ===== Using SSH on a Mac ===== ===== Using SSH on a Mac =====
 +
 +Mac OS X includes an SSH client, but it must be used from the command line.  To use it, you'll need to open a terminal window.  Start by clicking the launchpad button in your dock (it looks like a rocket):
 +
 +{{:fester:d21808b88190d84e81a91130f34f5201.png}}
 +
 +Begin typing "Terminal" into the search bar at the top, until you see the Terminal icon below:
 +
 +{{:fester:d965627bf8dcb92930143db6b71dab8a.png}}
 +
 +Then click on the Terminal icon.  You'll see a window like this:
 +
 +{{:fester:ea1b4f71afc859294997119b0a7d4b3e.png}}
 +
 +To connect to a server using SSH, you can simply type
 +
 +''ssh user@host''
 +
 +Where "user" and "host" are the username and hostname, respectively, that you want to connect to.  For example,
 +
 +''ssh root@freenas''
 +
 +Or you can use an IP address:
 +
 +''ssh [email protected]''
 +
 +If you have required public key authentication on your FreeNAS server, you'll need to generate a keypair.  To do this, type
 +
 +''ssh-keygen -t rsa''
 +
 +...and simply accept the defaults.  The result will look like this:
 +
 +{{:fester:d5d36bb83afae578249c90599f08d75f.png}}
 +
 +The system will prompt you for a passphrase; this is optional.  If you enter a passphrase, you will need to enter it every time you use this keypair (i.e., every time you use ssh).  If you leave the passphrase blank, you won't need to enter it when you connect to a remote server, but neither will a thief who manages to steal your computer.  You'll now need to view your public key, to enter it in the FreeNAS configuration.  To do that, type
 +
 +''cat .ssh/id_rsa.pub''
 +
 +The result will look like this:
 +
 +''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCxoFuJ2Px8sIA0zla1FXjnG+af2kRNhj/FcQ5nhOn6F2LepgXf/4SQFjx5BWaD88H6/06lTaUAqprxKS4m33SKN7poH6RaeIfbJXwjJ/o0Cx0QbugGAeMKjHOBg4fsHwvqGLT7o0lcQ0ubmGBZlSx9R9IFNmnDLAru+Z5gjuAwKCXGw2dxVqbq2IwB3jEoA3bbo8gy6Dso5wV750EC+dYlB/lQrxW/uscgPjpi1XCFVuWtajyz9jujakR1uHuRRphsp56GXVTovwM3P6h52ADDhr5vkfskGKgmETj940x5+MFbmBvC9iIMIeRGLfWIAQY+8NjosQYfieU5U48oDmDb [email protected]''
 +
 +Copy this, all on line line, and paste it into your FreeNAS configuration.
  
 ===== Using SSH on Linux ===== ===== Using SSH on Linux =====
 +
 +SSH on Linux works just like SSH on a Mac.  Follow the instructions above.
  
  • fester/ssh_setup.txt
  • Last modified: 2017/06/29 11:42
  • by dan