1
00:00:00,000 --> 00:00:17,240
Hey everyone and welcome back. Now in the previous nugget we had looked at SSH server

2
00:00:17,240 --> 00:00:23,000
configuration. In this nugget right here we're going to take a look at the client configuration

3
00:00:23,000 --> 00:00:28,480
or at least some of the rules which apply to the client configuration. So you may recall

4
00:00:28,480 --> 00:00:34,640
that in the previous nugget we actually modified a particular file and this was called the SSHD

5
00:00:34,640 --> 00:00:42,600
config file. Now when you see the SSHD you know that you're dealing with the server configuration

6
00:00:42,600 --> 00:00:49,240
that is the ability of your system to act as an SSH server for incoming connections. If you

7
00:00:49,240 --> 00:00:56,480
just want to be able to make an SSH connection i.e. to connect to a remote SSH server the actual

8
00:00:56,479 --> 00:01:03,559
configuration file is going to just be SSH underscore config so without that D that D is

9
00:01:03,559 --> 00:01:11,079
going to tell you the server without it it will be the client configuration. Now we learned that

10
00:01:11,079 --> 00:01:20,120
with SSH we can ultimately wrap our FTP connection into an encrypted tunnel via SSH ultimately

11
00:01:20,120 --> 00:01:28,920
giving us secure FTP. Now this type of configuration for SFTP as well as to make secure copy

12
00:01:28,920 --> 00:01:35,520
connections we can control this within this particular file. Now we have a global configuration

13
00:01:35,520 --> 00:01:43,000
whereby we can manipulate our SSH client settings. This is going to be in the location again no

14
00:01:43,000 --> 00:01:48,200
surprises the Etsy directory then noting that this is going to be system-wide. Again we go into

15
00:01:48,200 --> 00:01:55,159
the SSH directory and then within this we're going to have SSH underscore config. This here will

16
00:01:55,159 --> 00:02:02,280
be your system-wide settings which will apply to all users. Now we do have an order of precedents

17
00:02:02,280 --> 00:02:08,280
right here the global settings are at the very lowest order of precedents they're going to come

18
00:02:08,280 --> 00:02:16,319
in order three of three. Above that we have our user specific configurations that would be your

19
00:02:16,359 --> 00:02:23,039
user and whereabouts we could specify these configurations would be within your home directory

20
00:02:23,039 --> 00:02:29,120
so we'll do our dollar sign for our variable value and then home and within the user's home

21
00:02:29,120 --> 00:02:35,959
directory we will have our dot SSH directory the hidden directory and then we'll have a file called

22
00:02:35,959 --> 00:02:44,079
config this is where a user can specify their particular SSH settings so really anything that

23
00:02:44,160 --> 00:02:50,160
is in the global settings will be overwritten by whatever the user specifies within here but we

24
00:02:50,160 --> 00:02:57,480
do have one more setting that is going to override all that's going to be the top order of operations

25
00:02:57,480 --> 00:03:05,360
with respect to precedents that is the CLI arguments that you actually specify when issuing any SSH

26
00:03:05,360 --> 00:03:11,880
commands via your terminal. So to recap we have client configurations then we have our user

27
00:03:12,159 --> 00:03:17,919
configurations and then the global settings really that means that if we happen to have some type

28
00:03:17,919 --> 00:03:24,000
of configuration specified in the global and we don't have anything in the user defined and we

29
00:03:24,000 --> 00:03:30,319
don't specify anything via the command line those global configurations will take effect however if

30
00:03:30,319 --> 00:03:38,000
we have a conflict and the settings are specified within the global and that particular user who

31
00:03:38,039 --> 00:03:46,400
is using SSH also has the same setting within their user defined SSH configuration file if we have

32
00:03:46,400 --> 00:03:52,520
that clash the global ones will not take effect we're going to go with the user specific configurations

33
00:03:52,520 --> 00:03:59,039
and again those settings can be overwritten directly if the user happens to specify them in via

34
00:03:59,039 --> 00:04:05,400
the command line directly so if I clear the screen and let me just full screen this for now so if I

35
00:04:05,439 --> 00:04:13,159
say man SSH we can see here this is the open SSH login client we can see here all of these

36
00:04:13,159 --> 00:04:20,399
different options so if we specify dash 4 for IPv4 addresses via the command line or again if we

37
00:04:20,399 --> 00:04:27,199
just scroll on down we can specify particular cipher specifications again if you're passing this in

38
00:04:27,199 --> 00:04:33,079
via the command line they will actually override the settings specified within your configuration

39
00:04:33,079 --> 00:04:38,959
file under the ciphers heading okay so that is the first order let's have a look at the configurations

40
00:04:38,959 --> 00:04:47,599
within the Etsy directory so we go into Etsy and SSH and then SSH underscore config again not SSHD

41
00:04:47,599 --> 00:04:54,159
and of course I'm going to have to use nano to actually open this up so I'll try that again type

42
00:04:54,159 --> 00:05:00,120
in the passwords cool so this one looks a little bit different you will see some crossover with

43
00:05:00,160 --> 00:05:06,000
respect to the settings but ultimately this is like I say for the client configuration so and in

44
00:05:06,000 --> 00:05:11,680
fact here you actually even notice look what it says right here command line options user specific

45
00:05:11,680 --> 00:05:18,120
system-wide again here if we scroll on down here are all the things that we can ultimately configure

46
00:05:18,120 --> 00:05:23,639
via our client configuration file so again we can change the port we're gonna have the default

47
00:05:23,639 --> 00:05:29,480
port that we're going to try to reach the connection to be maybe say 2222 but again by default we

48
00:05:29,520 --> 00:05:35,000
can see here that we're going to use port 22 for good reason so we just change that back we can

49
00:05:35,000 --> 00:05:40,520
specify which type of ciphers we want to include with respect to our cryptography and we can add

50
00:05:40,520 --> 00:05:46,080
in more configurations with respect to say for example x11 as we can see right here but ultimately

51
00:05:46,080 --> 00:05:52,680
understanding that this configuration file is our system-wide configuration file and again if I wanted

52
00:05:52,680 --> 00:05:58,360
to create a user specific one I could go into my home directory in fact if I just do cd takes me to

53
00:05:58,360 --> 00:06:03,840
my home directory at our pwd we can see where we are I can do this to do nano and then go into the

54
00:06:03,840 --> 00:06:09,000
dot SSH directory and then I could have a file called config and within here I could actually

55
00:06:09,000 --> 00:06:16,199
specify user specific configurations so really when we want to be using SSH as a client maybe

56
00:06:16,199 --> 00:06:21,080
a game we're going to be using secure copy whatever it may be understanding this order of

57
00:06:21,080 --> 00:06:26,160
precedence it really is very very important again we go with CLI then the user specific and then

58
00:06:26,160 --> 00:06:31,800
the system-wide configurations try to remember the particular locations of these configuration files

59
00:06:31,800 --> 00:06:36,960
because understanding these locations certainly will be beneficial for the purposes of the examination

60
00:06:36,960 --> 00:06:43,320
but now we have the general understanding of these client configurations let's dive in and begin

61
00:06:43,320 --> 00:06:51,720
working with these client configurations doing things like using scp using sftp those are the

62
00:06:51,720 --> 00:06:55,560
things that we'll be looking at in the very next nuggets I hope this has been informative for you

63
00:06:55,560 --> 00:06:57,240
and I'd like to thank you for viewing