Linux Server tips

Some Linux server and homelab tips

passwords and sudo

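  • passwordless sudo: edit the sudoers file with sudo visudo (it syntax-checks the file before saving) and add a NOPASSWD entry for the user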
  • change password: sudo passwd <user>

SSH keys configuration

configuring on client machine

  • generate a new SSH key pair:
    • ssh-keygen -t ed25519 -C "<device-name>"
    • ~/.ssh/id_ed25519: private key → stays on this device only
    • ~/.ssh/id_ed25519.pub: public key → safe to share with servers and GitHub
  • store the generated public key on GitHub (optional; works as auth for GitHub and lets you easily deploy it to new servers)
    • store: gh ssh-key add ~/.ssh/id_ed25519.pub -t "<device-name>"
    • verify: gh ssh-key list
  • add generated key to ssh agent (optional, allows you to use the key without specifying it every time)
    • macOS/Linux: ssh-add ~/.ssh/id_ed25519
      • if agent is not running, start it: eval "$(ssh-agent -s)"
    • Windows: ssh-add $env:USERPROFILE\.ssh\id_ed25519
  • config on client (optional)

    • macOS/Linux

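      Host <host1> <host2>
          User <username>
          IdentityFile ~/.ssh/<identity_file>
          # offer only the key named above, not every key in the agent
          IdentitiesOnly yes
          AddKeysToAgent yes
          # UseKeychain is macOS-only; IgnoreUnknown lets Linux clients skip it
          IgnoreUnknown UseKeychain
          UseKeychain yes
          # send a keepalive every 60 s, give up after 3 missed replies
          ServerAliveInterval 60
          ServerAliveCountMax 3

      Host <host3>
          HostName <host1.url>
          User <username>
          IdentityFile ~/.ssh/id_ed25519
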
    • Windows
      • add key: ssh-add $env:USERPROFILE\.ssh\id_ed25519
      • verify: ssh-add -l
    • troubleshooting
      • verbose: ssh -v user@hostname
      • use specified key (Windows cmd syntax; in PowerShell use $env:USERPROFILE instead of %USERPROFILE%): ssh -i %USERPROFILE%\.ssh\id_ed25519 user@hostname

configuring on servers

  • Windows: copy public key to .ssh/authorized_keys on server

  • Linux/macOS:

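    # on the server: make sure ~/.ssh exists with the right permissions
    mkdir -p ~/.ssh
    chmod 700 ~/.ssh # only user can read/write/execute
    # on the client: append the public key to the server's authorized_keys
    ssh-copy-id -i <key> <user>@<server>
    # on the server
    chmod 600 ~/.ssh/authorized_keys # only user can read/write, no execute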
    
  • Distribute from GitHub

    • gh ssh-key list to get key ids
    • GitHub exposes your public keys at: https://github.com/<username>.keys
    • Deploy to a server in one line (-f makes curl fail on an HTTP error instead of appending the error page): curl -fsS https://github.com/<username>.keys >> ~/.ssh/authorized_keys
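
A more careful form of the GitHub deploy step, as an added example that is not part of the original page: it fails on HTTP errors, accepts only well-formed ed25519 key lines (the key type this page generates), and skips keys that are already present. The function names merge_keys and deploy_github_keys are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original page. Function names are hypothetical.

# An OpenSSH ed25519 public key line is "ssh-ed25519 <68 base64 chars> [comment]".
# The blob always begins with the encoded key type, so that prefix is pinned here.
ED25519_RE='^ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAI[A-P][A-Za-z0-9+/]{42}( .*)?$'

# merge_keys <fetched-file> <authorized_keys>
# Appends well-formed ed25519 keys that are not already present.
# Prints the number of keys added.
merge_keys() (
    src=$1; dest=$2; added=0
    touch "$dest" && chmod 600 "$dest" || exit 1
    # Make sure the existing file ends with a newline before appending.
    if [ -s "$dest" ] && [ -n "$(tail -c 1 "$dest")" ]; then echo >> "$dest"; fi
    while IFS= read -r line || [ -n "$line" ]; do
        line=$(printf '%s' "$line" | tr -d '\r')
        # Skips HTML error pages, other key types, option prefixes, truncated keys.
        printf '%s\n' "$line" | grep -Eq "$ED25519_RE" || continue
        blob=$(printf '%s\n' "$line" | cut -d ' ' -f 2)
        grep -qF -- "$blob" "$dest" && continue    # already authorised
        # Write only the validated fields, dropping any comment.
        printf 'ssh-ed25519 %s\n' "$blob" >> "$dest"
        added=$((added + 1))
    done < "$src"
    echo "$added"
)

# deploy_github_keys <github-username> [authorized_keys path]
deploy_github_keys() (
    user=$1; dest=${2:-$HOME/.ssh/authorized_keys}; rc=0
    tmp=$(mktemp) || exit 1
    # -f makes an HTTP error fail the fetch instead of being saved as "keys".
    if curl -fsS --proto '=https' -o "$tmp" "https://github.com/$user.keys"; then
        merge_keys "$tmp" "$dest" || rc=1
    else
        rc=1
    fi
    rm -f "$tmp"
    exit "$rc"
)
```

Every key listed on the GitHub account gains login to the server, so check gh ssh-key list before running deploy_github_keys <username>.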

using SSH keys for GitHub

  • add SSH key to GitHub account (optional, allows you to use SSH for Git operations instead of HTTPS)
    • gh ssh-key add ~/.ssh/id_ed25519.pub -t "<device-name>"
    • verify: gh ssh-key list
  • test SSH connection to GitHub: ssh -T git@github.com