enigma-bbs/docs/servers/ssh.md

---
layout: page
title: SSH Server
---
## SSH Login Server
The ENiGMA½ SSH *login server* allows secure user logins over SSH (ssh://).

## Configuration
Entries available under `config.loginServers.ssh`:

| Item | Required | Description |
|------|----------|-------------|
| `privateKeyPem` | :-1: | Path to private key file. If not set, defaults to `./config/ssh_private_key.pem` |
| `privateKeyPass` | :+1: | Password to private key file.
| `firstMenu` | :-1: | First menu an SSH connected user is presented with. Defaults to `sshConnected`. |
| `firstMenuNewUser` | :-1: | Menu presented to user when logging in with one of the usernames found within `users.newUserNames` in your `config.hjson`. Examples include `new` and `apply`. |
| `enabled` | :+1: | Set to `true` to enable the SSH server. |
| `port` | :-1: | Override the default port of `8443`. | 
| `algorithms` | :-1: | Configuration block for SSH algorithms. Includes keys of `kex`, `cipher`, `hmac`, and `compress`. See the algorithms section in the [ssh2-streams](https://github.com/mscdex/ssh2-streams#ssh2stream-methods) documentation for details. For defaults set by ENiGMA½, see `core/config.js`.
| `traceConnections` | :-1: | Set to `true` to enable full trace-level information on SSH connections.

### Example Configuration

```hjson
{
    loginServers: {
        ssh: {
            enabled: true
            port: 8889
            privateKeyPem: /path/to/ssh_private_key.pem
            privateKeyPass: sup3rs3kr3tpa55
        }                                                             
    }
}
```

## Generate a SSH Private Key
To utilize the SSH server, an SSH Private Key will need generated. OpenSSL can be used for this task:

```bash
openssl genrsa -des3 -out ./config/ssh_private_key.pem 2048
```
* Docs theme to match ENiGMA website * New docs layout ready for github pages serving * Tonnes of new docs * Update gitignore * Probably other stuff too 2018-01-31 23:35:54 +00:00			`---`
			`layout: page`
			`title: SSH Server`
			`---`
+ NNTP docs + Gopher docs * Minor doc cleanup 2018-12-17 18:09:42 +00:00			`## SSH Login Server`
			`The ENiGMA½ SSH login server allows secure user logins over SSH (ssh://).`
* Docs theme to match ENiGMA website * New docs layout ready for github pages serving * Tonnes of new docs * Update gitignore * Probably other stuff too 2018-01-31 23:35:54 +00:00
+ NNTP docs + Gopher docs * Minor doc cleanup 2018-12-17 18:09:42 +00:00			`## Configuration`
			Entries available under `config.loginServers.ssh`:
* Docs theme to match ENiGMA website * New docs layout ready for github pages serving * Tonnes of new docs * Update gitignore * Probably other stuff too 2018-01-31 23:35:54 +00:00
+ NNTP docs + Gopher docs * Minor doc cleanup 2018-12-17 18:09:42 +00:00			`\| Item \| Required \| Description \|`
			`\|------\|----------\|-------------\|`
			\| `privateKeyPem` \| :-1: \| Path to private key file. If not set, defaults to `./config/ssh_private_key.pem` \|
			\| `privateKeyPass` \| :+1: \| Password to private key file.
			\| `firstMenu` \| :-1: \| First menu an SSH connected user is presented with. Defaults to `sshConnected`. \|
			\| `firstMenuNewUser` \| :-1: \| Menu presented to user when logging in with one of the usernames found within `users.newUserNames` in your `config.hjson`. Examples include `new` and `apply`. \|
			\| `enabled` \| :+1: \| Set to `true` to enable the SSH server. \|
			\| `port` \| :-1: \| Override the default port of `8443`. \|
			\| `algorithms` \| :-1: \| Configuration block for SSH algorithms. Includes keys of `kex`, `cipher`, `hmac`, and `compress`. See the algorithms section in the [ssh2-streams](https://github.com/mscdex/ssh2-streams#ssh2stream-methods) documentation for details. For defaults set by ENiGMA½, see `core/config.js`.
			\| `traceConnections` \| :-1: \| Set to `true` to enable full trace-level information on SSH connections.
* Docs theme to match ENiGMA website * New docs layout ready for github pages serving * Tonnes of new docs * Update gitignore * Probably other stuff too 2018-01-31 23:35:54 +00:00
+ NNTP docs + Gopher docs * Minor doc cleanup 2018-12-17 18:09:42 +00:00			`### Example Configuration`
* Docs theme to match ENiGMA website * New docs layout ready for github pages serving * Tonnes of new docs * Update gitignore * Probably other stuff too 2018-01-31 23:35:54 +00:00
			```hjson
			`{`
+ NNTP docs + Gopher docs * Minor doc cleanup 2018-12-17 18:09:42 +00:00			`loginServers: {`
			`ssh: {`
Notes on algorithms 2018-11-05 03:14:54 +00:00			`enabled: true`
+ NNTP docs + Gopher docs * Minor doc cleanup 2018-12-17 18:09:42 +00:00			`port: 8889`
			`privateKeyPem: /path/to/ssh_private_key.pem`
			`privateKeyPass: sup3rs3kr3tpa55`
Update ssh.md 2018-03-29 22:29:03 +00:00			`}`
* Docs theme to match ENiGMA website * New docs layout ready for github pages serving * Tonnes of new docs * Update gitignore * Probably other stuff too 2018-01-31 23:35:54 +00:00			`}`
			`}`
			```

+ NNTP docs + Gopher docs * Minor doc cleanup 2018-12-17 18:09:42 +00:00			`## Generate a SSH Private Key`
			`To utilize the SSH server, an SSH Private Key will need generated. OpenSSL can be used for this task:`
* Docs theme to match ENiGMA website * New docs layout ready for github pages serving * Tonnes of new docs * Update gitignore * Probably other stuff too 2018-01-31 23:35:54 +00:00
+ NNTP docs + Gopher docs * Minor doc cleanup 2018-12-17 18:09:42 +00:00			```bash
			`openssl genrsa -des3 -out ./config/ssh_private_key.pem 2048`
			```