---------------[ How to configure SSH for typing less ]------------------- During the class, you saw me type "ssh cs60base" and immediately log into virtual machine and get a shell. Here's a brief note on how to set this up. 0. -----------[ Connectivity check. Check that you have connectivity to your VM and that the SSH daemon is running in your VM. The simplest way to do it is with Netcat. You will see the first stage of an SSH connection: the remote server announces its version, in plain text: $ nc 192.168.56.100 22 SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.1 ^C (if you are curious: the server expects your SSH client's version string in return, then will list the kinds of crypto authentication algorithm it supports, and will expect yours in return. After that, it will switch to encrypted text. Paste the version string right back, and you can see the algorithm list). 1. -----------[ Generate an RSA key pair on your host: $ ssh-keygen -t rsa -f cs60base_id_rsa Generating public/private rsa key pair. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in cs60base_id_rsa. Your public key has been saved in cs60base_id_rsa.pub. The key fingerprint is: 8a:de:2d:ea:45:e6:54:e7:76:61:58:ce:9a:cd:1a:b9 sergey@firefly The key's randomart image is: +--[ RSA 2048]----+ | . | | = | | . o = | | . o B . | | + S B + | | * . . = | | . + E | | . o.. | | .+.... | +-----------------+ I gave no passphrase. This means that anyone who gets a hold of my private key will be able to immediately log into cs60base with my setup. Of course, for that they would need to reach it over a network first (and if they manage to steal the file from my host machine, I have a bigger problem). Your PRIVATE key is cs60base_id_rsa . It stays on your host, and is the secret checked against your PUBLIC key, cs60base_id_rsa.pub, which is placed on the computer you want to log into (i.e., your VM). Note file permissions: $ ls -l cs60base_id_rsa* -rw------- 1 sergey staff 1675 May 7 13:03 cs60base_id_rsa -rw-r--r-- 1 sergey staff 406 May 7 13:03 cs60base_id_rsa.pub ^ The private key is only readable to me. The public key is readable to all. 2. -----------[ Place the public key on the VM. Your public key file is exactly one line: $ wc cs60base_id_rsa.pub 1 3 406 cs60base_id_rsa.pub This line should go into ~/.ssh/authorized_keys in your VM (where ~/ is Bash shell shorthand for your home directory, so it will be /home/hacker/.ssh/authorized_keys in the VM). If you don't have a .ssh directory, create it. There are many ways to copy the cs60base_id_rsa.pub file over and then add it to ~/.ssh/authorized_keys . You can do it with one command like so: $ cat cs60base_id_rsa.pub | ssh hacker@192.168.56.100 "cat >> ~/.ssh/authorized_keys" This runs a command on the remote machine to append whatever comes in on standard input to the authorized_keys file. What comes in is the contents of cs60base_id_rsa.pub, piped by cat into ssh on my host. The quotes are important, as they make sure redirection happens on the remote machine, i.e., the VM. Such tricks with executing remote commands and piping input into them are very common in Unix system administration. Important: your .ssh directories and your private keys should be readable only to you. Otherwise SSH will refuse to use them. Check: $ hacker@cs60base:~$ ls -ld ~/.ssh drwx------ 2 hacker hacker 4096 Apr 26 21:03 /home/hacker/.ssh $ ls -ld ~/.ssh drwx------ 43 sergey staff 1462 May 5 14:39 /Users/user/.ssh 3. -----------[ Configure your SSH on host Put the following in your host's ~/.ssh/config : Host cs60base HostName 192.168.56.100 User hacker IdentityFile ~/.ssh/cs60base_id_rsa This creates an alias "cs60base" for any SSH and SCP connections, which resolves to the particular IP address, username, and key to use. Put your private key cs60base_id_rsa into your ~/.ssh directory. I put my public key there as well, so that they are in the same place; but it won't be used by your SSH, only by the SSH daemon on remote machines (after you put its line of contents into their authorized_keys). That's it. Now you can "ssh cs60base" and get a login shell on the VM: $ ssh cs60base Welcome to Ubuntu 16.04.2 LTS (GNU/Linux 4.8.0-46-generic x86_64) Last login: Sun May 7 12:39:29 2017 from 192.168.56.1 hacker@cs60base:~$ Now you can run emacs, gcc, tcpdump, etc. It also makes copy-pasting easier, since you don't have to switch between MacOS and Linux conventions. To copy files, you can now use passwordless scp. $ scp somefile cs60base: will copy somefile into your home directory on the VM.