SSH - tienducle/steam-deck-stuff GitHub Wiki

Steps to enable SSH with pubkey-auth.

Enable sshd

  • On the Steam Deck, switch to Desktop Mode

  • Open a terminal

  • Set a user password with passwd so we can do superuser stuff

  • Enable the ssh daemon with sudo systemctl start sshd

  • Execute ip a to determine the IP address of the Steam Deck or use the hostname to connect to it

Prepare SSH key

  • If no key exists yet, execute ssh-keygen on the host machine and follow the instructions to create a public/private key pair

  • When using default settings, the files will be placed under ~/.ssh/

  • Copy the content of ~/.ssh/id_rsa.pub, e.g. cat ~/.ssh/id_rsa.pub | pbcopy

Enable pubkey-auth

  • Connect to the Steam Deck via SSH, e.g. ssh [email protected]

  • Execute mkdir -p ~/.ssh/; nano ~/.ssh/authorized_keys

  • Paste the content of the public key

  • Press Ctrl+X and then Y to save and close the editor

  • Enter exit to disconnect

  • Check if pubkey-auth is working: Reconnect via SSH and it should not prompt for the user password.

SSHD hardening

  • Open the sshd config file, e.g. sudo nano /etc/ssh/sshd_config

  • Use Ctrl+W to search

  • Disable root user login: Find and set PermitRootLogin to no

  • Disable password login: Find and set PasswordAuthentication to no

  • Press Ctrl+X and then Y to save and close the editor

  • Restart sshd with sudo systemctl restart sshd

  • Trying to login with root user or any username, e.g. ssh [email protected] should instantly fail showing Permission denied (publickey) without any password prompt