This browser-based client has been serving me very well. However there is an undesirable aspect, which is that the client will time-out if not used for a few minutes.
Now it is simply a matter of configuring the Ubuntu terminal to access the Lightsail server.
Lighsail creates a default ssh key for each region, which is what we'll use, at least to begin with.
For Sydney this is called:
Download the key file (.pem) and place it in your
~/.ssh/ (home ssh) folder.
Before we can use the keyfile we need to restrict the permissions as ssh requires restricted access to keyfiles.
- Restrict the permissions over the key:
$ chmod 600 ~/.ssh/[keyfile]
- Test access to our server using our terminal:
$ ssh -i ~/.ssh/[keyfile] [user]@[public ip]
Note: we can use our website address (e.g. libreengineer.com) instead of our [public ip].
This should connect us to our server.
However, this is a lot to remember and type.
Instead lets setup an alias, to simplify the connection process.
Our alias will be stored in an ssh configuration file.
3. Create a configuration file:
$ touch ~/.ssh/config
- Open the configuration file and add an alias:
$ nano ~/.ssh/config Host [alias] HostName [public ip] User [user] IdentityFile ~/.ssh/[keyfile]
- Test access to our server using our alias:
$ ssh alias
This is a simpler method of connecting to our server.
However, we've relied on the Lightsail default key.
Another option is to create a private ssh key (just for our computer) and to use that for all ssh connections by default.
Digital Ocean provide a nice guide on how to achieve this.
6. Create the local keyfile
- Add our public key
id_rsa.pubto our server's authorised keys file:
$ cat ~/.ssh/id_rsa.pub | ssh [alias] "mkdir -p ~/.ssh && touch ~/.ssh/authorized_keys && chmod -R go= ~/.ssh && cat >> ~/.ssh/authorized_keys"
- Now delete the Lightsail default key, and remove it's reference from the alias file
$ rm ~/.ssh/[keyfile] $ nano ~/.ssh/config Host [alias] HostName [public ip] User [user]
- Test access to our server using our alias and local keyfile
We have now configured our terminal and Lightsail server to be able to connect via a private key that is unique to our computer.