
Install SSH VPN server

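export CONTAINER=vpn
config="/var/lib/lxc/${CONTAINER}/config"

# create container
# TODO: configure MAC on create container
# NOTE(review): the installer URL is missing from this page, so it has to be
# supplied explicitly. Certificate verification stays enabled (the original
# passed --no-check-certificate): the script runs as root, and without TLS
# verification anyone on the network path can substitute its contents.
: "${CREATE_SCRIPT_URL:?set CREATE_SCRIPT_URL to the https URL of the container-create script}"
# Download completely before executing, so a truncated transfer is never run
# as a partial script.
installer=$(mktemp) &&
  wget -q -O "${installer}" "${CREATE_SCRIPT_URL}" &&
  bash "${installer}" -f
rm -f -- "${installer}"

# configure container MAC address
# NOTE(review): the key name left of " = " is missing from this page; as
# printed, the expression would overwrite the value of every "key = value"
# line in the config. lxc.network.hwaddr is the legacy LXC key
# (lxc.net.0.hwaddr from LXC 2.1 on) - confirm against the generated config.
sed -i 's|^lxc\.network\.hwaddr = .*|lxc.network.hwaddr = 00:11:22:33:44:5e|' "${config}"

# enable autostart
# (key name also missing on the page; lxc.start.auto is assumed - confirm)
echo "lxc.start.auto = 1" | tee -a "${config}"

# configure container
##echo "lxc.hook.autodev=/var/lib/lxc/vpn/autodev" >> /var/lib/lxc/${CONTAINER}/config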

Create a restricted user for SSH tunneling

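# Fetch and run the user-setup script shown below.
# NOTE(review): the script URL is missing from this page, so it has to be
# supplied explicitly. Certificate verification stays enabled (the original
# passed --no-check-certificate): the script creates accounts as root, and
# without TLS verification its contents can be replaced in transit.
: "${TUNNEL_SETUP_URL:?set TUNNEL_SETUP_URL to the https URL of the tunnel-user setup script}"
# Download completely before executing, so a truncated transfer is never run
# as a partial script.
setup_script=$(mktemp) &&
  wget -q -O "${setup_script}" "${TUNNEL_SETUP_URL}" &&
  bash "${setup_script}"
rm -f -- "${setup_script}"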


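# create new restricted user
# (options first, login name last, so the call does not rely on GNU-style
# option permutation)
useradd --gid nogroup --create-home --skel /dev/null --shell /bin/rbash tunnel

# Set a random throwaway password so the account is not locked. The value is
# never stored or displayed, so logins are only possible with a key from
# authorized_keys.
printf 'tunnel:%s\n' "$(openssl rand -base64 32)" | chpasswd

# create authorized_keys (-p tolerates an existing directory on a re-run)
mkdir -p /home/tunnel/.ssh
chmod 700 /home/tunnel/.ssh
touch /home/tunnel/.ssh/authorized_keys
chmod 600 /home/tunnel/.ssh/authorized_keys

# remove path to programs
echo 'PATH=' > /home/tunnel/.profile
chmod 400 /home/tunnel/.profile

# restrict permissions
# NOTE(review): everything below /home/tunnel ends up owned by the tunnel user
# itself, so these modes only hold while the account cannot run commands
# (restricted shell, empty PATH, forced command on each key).
chmod 500 /home/tunnel
chown -R tunnel:nogroup /home/tunnel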

Add your public key(s)
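# NOTE(review): /tmp is world-writable, so another local user can place a
# /tmp/authorized_keys there first. Stage the key file in a root-only
# directory, or verify its contents before running this copy.
cat /tmp/authorized_keys > /home/tunnel/.ssh/authorized_keys

# Prefix every key line with the restrictions. Anchoring on the key-type field
# at the start of the line covers ed25519/ecdsa/sk-* keys as well as ssh-rsa
# (the original expression left every non-RSA key unrestricted), ignores
# "ssh-rsa" inside a key comment, and does not prefix a line twice on a re-run.
# Port forwarding stays enabled on purpose (that is the tunnel); it can be
# narrowed per key with the permitopen="host:port" option. Because the forced
# command is /bin/false, clients connect with `ssh -N`.
sed -E -i 's#^(ssh-|ecdsa-|sk-)#command="/bin/false",no-pty,no-X11-forwarding &#' /home/tunnel/.ssh/authorized_keys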

# parameter


Rsync SSH backup script

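# NOTE(review): the target file name is missing from this page (the redirect
# pointed at the directory itself) and the here-document was never closed;
# backup-home.sh is a constructed placeholder name.
# The delimiter is quoted so nothing in the script text is expanded while the
# file is being written.
# --exclude=.gvfs replaces the original --exclude-from=/home/pako/.gvfs:
# --exclude-from expects a file of patterns, while ~/.gvfs is presumably the
# GVFS mount point - confirm.
# --delete removes files on the destination that no longer exist locally.
cat <<'EOF' > ~/privat/scripts/backup-home.sh
nice -n 20 rsync -avz -e ssh --delete --exclude=.gvfs /home/pako pako@fs:/mnt/pakonb
EOF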

SSH authentication with a key pair (public-key authentication)

Create new key on client
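# Interactive alternative:
#ssh-keygen -t rsa
#(press Enter three times to accept the default path and leave the passphrase empty)

# Non-interactive: create an RSA key pair with an empty passphrase.
# -t/-b are explicit because the default key type differs between OpenSSH
# releases while the file name says RSA.
# NOTE: with an empty passphrase, anyone who can read ~/.ssh/id_rsa can log in
# wherever the public key is installed. Keep the file private and restrict the
# key on the server (command= / from= options in authorized_keys).
ssh-keygen -q -t rsa -b 4096 -f ~/.ssh/id_rsa -N ''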

Copy public key to server
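# Append the local public key to the server account's authorized_keys.
# NOTE(review): the host name is missing from this page; YOUR_SERVER is the
# placeholder the page uses further down.
ssh-copy-id "${USER}@YOUR_SERVER"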

Test login
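# Verbose login: the -v output shows which key is offered and whether the
# server accepts it, or whether ssh falls back to a password prompt.
# NOTE(review): the host name is missing from this page; YOUR_SERVER is the
# placeholder the page uses further down.
ssh -v "${USER}@YOUR_SERVER"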

Login with private key
# Log in as USER on YOUR_SERVER with the private key file given by -i.
ssh -l USER -i ./backup_ssh_key/id_rsa YOUR_SERVER

Import own ssh key by using previous / master ssh key
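# Authenticate with the previous (master) key and append the new public key on
# the server.
# NOTE(review): the file name is missing from this page; id_rsa.pub is the
# public half written by `ssh-keygen -f ~/.ssh/id_rsa`. Only the .pub file is
# ever sent - never the private key.
# umask/mkdir make sure .ssh exists and new files are not group/world
# accessible, which sshd may otherwise reject.
ssh -i ./backup_ssh_key/id_rsa USER@YOUR_SERVER \
  'umask 077; mkdir -p .ssh && cat >> .ssh/authorized_keys' < ~/.ssh/id_rsa.pub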
