Discovering and SSH into devices on LAN - lmmx/devnotes GitHub Wiki

There are a few useful commands to discover what's on the LAN

openssh-server

Firstly, you'll want to install openssh-server to set up SSH keys for access (on both machines)

sudo apt install openssh-server
sudo service ssh status
sudo service ssh start # unnecessary probably, will start on installation

To edit then reload the SSH config run

sudo vim /etc/ssh/sshd_config
/etc/init.d/ssh restart

arp

arp -a

Will quickly show a list of all devices on LAN, their MAC address, and the interface they're on (this works differently via ethernet vs. wireless connection)

Presuming your IP addresses are static, you can save the address in the list in /etc/hosts and give it a handy name, which can then take the place of the IP address in SSH commands

E.g. after adding the following line to /etc/hosts:

10.15.1.200	myremotemachine

These will do the same thing:

ssh [email protected] ls;
ssh myusername@myremotemachine ls;
  • Make a new file authorized_keys and chmod 600 authorized_keys

Presuming you already have a SSH key (e.g. for GitHub/GitLab) and don't want to overwrite that, you should not accept the default filename in the ssh-keygen dialogue.

ssh-keygen -t ed25519 -C $(cat /etc/hostname)

When prompted, specify a filename to identify the machine you will put the public key on (e.g. if it's your laptop change the filename to id_ed25519_laptop or something neat and clear).

  • If you name them in this way, where
    • the filename indicates the destination for the public key being generated
    • the comment (-C) within the public key comes from the hostname file of the machine that generated them,
  • ...then the two keys will be clearly marked by their originating machine and it will be much harder to mix them up

Then add it to the SSH daemon:

eval "$(ssh-agent -s)"
ssh-add ~/.ssh/id_ed25519_laptop

Lastly, copy over the public key using the [pre-installed] ssh-copy-id tool:

ssh-copy-id -i ~/.ssh/id_ed25519_laptop.pub myusername@myremotelaptop

(where the remote machine is the laptop and the command is being run on your other machine)

The opposite way around would look like:

ssh-copy-id -i ~/.ssh/id_ed25519_desktop.pub myusername@myremotedesktop

avahi-browse

One way to show devices on the LAN (that seems in particular to show the type of device in terms of protocol used, e.g. homekit._tcp means an Apple HomeKit device over TCP) is

avahi-browse --all

For my uses arp -a was more useful (also easier to remember!)

iftop

To get your own IP address run sudo iftop and then exit the pager (it'll also print to STDOUT)

Note that this is (I'd expect for everyone?) a 10.-prefixed address i.e. private