Categories
Linux

Run commands over SSH

Run one or multiple commands on a remote server

ssh root@host <<'ENDSSH'
#commands to run on remote host
ENDSSH

Run a local script on a remote server. (none interactive, cant open nano). the script does not need to start with #/!bin/bash

ssh root@host < dalesjo-install-postfix.sh

Run a command interactive, ex start nano on remote server.

ssh -t root@cdn2.dalesjo.com 'nano /etc/postfix/main.cf'
Categories
Linux

SSH Filtering

The goal is to allow root to login with username/password from local IP-addresses. But only allow root to login with public key authentication from internet.

First change the following settings in /etc/ssh/sshd_config. this will allow normal users to login with username/password but root users must use public key authentication.

PasswordAuthentication yes
PermitRootLogin without-password

Second, add the following to the end of /etc/ssh/sshd_config. Its important that you are in the end of the file because how sshd_config is read by the daemon.

Match address 192.168.0.0/16
 PermitRootLogin yes