Shell Alias Commands:

How to add an "Alias" into your shell

Permanent Alias (Persists Across Sessions)

To make an alias permanent, you must add it to your shell's configuration file.

Identify your shell: Most modern systems use Bash or Zsh. You can check yours by typing echo $SHELL.

1. Open the configuration file: Use a text editor like Nano or Vim.

• Bash: nano ~/.bashrc

• Zsh: nano ~/.zshrc

2. Add your alias: Scroll to the end of the file and paste your alias definition:

#My Custom Aliases:

alias drv='ncdu'

alias lumos='eza -lahF'

alias nox='exit'

alias radio='wavemon'

alias ripit='sudo apt autoremove'

alias update='sudo apt update && sudo apt upgrade -y'

alias i='sudo nala install'

alias power='ranger'

alias nukem='sudo apt autopurge'

3. Save and exit: In Nano, press Ctrl + O, Enter, and then Ctrl + X.

4. Reload the file: To use the new alias immediately without restarting, run:

• source ~/.bashrc (for Bash)

• source ~/.zshrc (for Zsh)

SSH: Make Keys

How to configure generate SSH keys (ed25519 - Encryption)

The ssh-keygen Command

• ssh-keygen -t ed25519 -f ~/.ssh/your-key-filename -C "your-key-comment"

That will ask you for a pass phrase and then show you a random art image that represents your public key when it is created. The random art is just a visual representation of your key so that you can see it is different from others.

Here is the breakdown of the ssh-keygen command provided:

ssh-keygen :

The base command used to create, manage, and convert authentication keys for SSH.

-t ed25519 : 

-t: Stands for type. It specifies the digital signature algorithm used to generate the key pair.

ed25519: A modern elliptic curve algorithm known for being faster and more secure than traditional RSA. It is the current standard for professional users.

-f ~/.ssh/your-key-filename :

-f: Stands for filename.

~/.ssh/your-key-filename: Specifies the exact custom path and name where the private key will be saved. If omitted, the system defaults to a standard path like ~/.ssh/id_ed25519. The corresponding public key will automatically be named with a .pub extension (e.g., your-key-filename.pub).

-C "your-key-comment" :

-C: Stands for comment.

"your-key-comment": A label added to the end of the public key file to help you identify it. Commonly used to store an email address or the purpose of the key (e.g., "github-work-laptop"). This is purely for organizational purposes and does not affect the key's security.

Always use a passphrase

Your SSH key is just a tiny file on disk. If your machine is ever lost, stolen, or compromised in any way by an attacker, the file is pretty easy for them to copy. Without it being encrypted with a pass phrase, it is directly usable. And if someone has access to your SSH private key, they probably have access to your bash or terminal history and would know where to use it.

As such, it is important to protect your SSH private key with a decent pass phrase. To avoid typing your pass phrase over and over, use the SSH-Agent, which will remember it for your session.

SSH Connections:

How to configure ssh client to use private keys automatically

Create a ~/.ssh/config file. That lets you define a shortcut name for a host, the username you want to connect as, and which key to use. Here's part of mine, with hostnames obfuscated:

Host tabs

HostName tabs.com

Port 22

User me

IdentityFile ~/.ssh/new_rsa

Host scm.company.com

User cap

IdentityFile ~/.ssh/git_rsa

Host project-staging

HostName 50.56.101.167

Port 22

User me

IdentityFile ~/.ssh/new_rsa

With this I can say, ssh tabs and get connected to host tabs.com as user me, with key new_rsa, as though I'd used ssh me@tabs.com -i ~/.ssh/new_rsa.

Adding an SSH key to the agent on Ubuntu is a two-step process: you first start the agent and then add the specific key file.

1. Start the SSH Agent

Before adding keys, ensure the ssh-agent is running in your current terminal session.

Run the following command:

• eval "$(ssh-agent -s)"

You should see a message similar to Agent pid 1234, confirming it is active.

2. Add Your SSH Key

Standard Key: To add your default private key (e.g., id_rsa or id_ed25519), simply run:

• Ssh-add

Specific Key: If your key has a custom name or is in a different location, specify the path:

ssh-add ~/.ssh/your_key_name

Verification: Confirm the key was successfully added by listing all identities currently in the agent:

• ssh-add -l

Troubleshooting & Permanent Setup

Permissions: The agent will ignore keys with loose permissions. Ensure your private key is protected:

• chmod 600 ~/.ssh/your_key_name

Automatic Loading: To avoid re-adding keys after every reboot, you can modify your SSH config file at ~/.ssh/config by adding:

Host *

AddKeysToAgent yes

Harden SSH Settings:

Harden SSH Configuration

Securing your Ubuntu server by disabling password authentication and root login is one of the most effective ways to stop brute-force attacks in their tracks. By the end of this guide, you’ll be logging in with a cryptographic key—the digital equivalent of a physical deadbolt.

## Phase 1: Generate Your SSH Key Pair

First, you need a key pair on your **local machine** (your laptop or desktop). We’ll use **Ed25519**, which is currently the most secure and efficient algorithm available.

1. Open your terminal and run:

`ssh-keygen -t ed25519 -C "your_email@example.com"`

2. Press **Enter** to save it in the default location (`~/.ssh/id_ed25519`).

3. **Optional but Recommended:** Enter a passphrase. This adds a second layer of security if your laptop is ever lost or stolen.

## Phase 2: Transfer the Public Key to Ubuntu

Now, you need to give your server the "lock" that matches your "key." Replace `username` and `ip_address` with your actual server details.

Run this command from your **local machine**:

`ssh-copy-id username@ip_address`

> **Note:** If you are on Windows and don't have `ssh-copy-id`, you can manually copy the contents of your `id_ed25519.pub` file and paste it into the `/home/username/.ssh/authorized_keys` file on your server.

## Phase 3: Harden the SSH Configuration

Now that your key is installed, we need to tell the server to stop accepting passwords and ignore the root user.

1. **Log in to your server:** ssh username@ip_address

2. **Open the SSH config file:** sudo nano /etc/ssh/sshd_config

3. **Find and modify these specific lines:**

| Setting | Change to | Why? |

| `PermitRootLogin` | `no` | Prevents attackers from targeting the 'root' account directly. |

| `PasswordAuthentication` | `no` | Stops brute-force password guessing scripts. |

| `PubkeyAuthentication` | `yes` | Ensures you can still get in using your keys. |

| `ChallengeResponseAuthentication` | `no` | Disables further keyboard-interactive authentication. |

4. **Save and Exit:** Press `Ctrl + O`, `Enter`, then `Ctrl + X`.

## Phase 4: Test and Reload

**Warning:** Do not close your current terminal window yet! If you made a mistake in the config, you could lock yourself out of the server permanently.

1. **Check the config for syntax errors:**

sudo sshd -t

2. **If no errors appear, reload the service:**

sudo systemctl restart ssh

3. **The Litmus Test:** Open a **new** terminal window on your local machine and try to log in. You should be granted access immediately (or after entering your key's passphrase) without being asked for your Ubuntu user password.

### Pro-Tip: Use a Config File

Tired of typing `ssh username@192.168.1.50` every time? On your local machine, edit (or create) `~/.ssh/config` and add:

Host myserver

HostName 192.168.1.50

User username

IdentityFile ~/.ssh/id_ed25519

Now, you can just type `ssh myserver` and you're in after you enter the key passphrase once.