In this short tutorial I use my MacOS Sierra as client and a Ubuntu 10 as server. It will also work on other Linux / Unix versions.

Generate a key pair

The first step is to generate a key pair (private and public key) to use for authentication. The private key will remain on your computer in a safe place. The public key will be imported on the server. Open a terminal and type:

mbpl:~ lucacosta$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/lucacosta/.ssh/id_rsa): luca
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in luca.
Your public key has been saved in luca.pub.
The key fingerprint is:
SHA256:KoTUeuoGwMvHSEsEGy4KzBe09XKLQ+RVZiUbgVucS3s lucacosta@mbpl
The key's randomart image is:
+---[RSA 2048]----+
|+ .o o .+B+. |
|++ .* o.o=+ |
|*+.o.+ o+.o |
|==.o. +..o E |
|* B oo .S . |
|.= * .. |
| .o . . |
| .. . |
| .. |
+----[SHA256]-----+

Copy your public key to the server that you want connect

Replace <user>@<destination_server> with your username and destination server:

mbpl:~ lucacosta$ ssh-copy-id -f -i /Users/lucacosta/luca.pub <user>@<destination_server>
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/Users/lucacosta/luca.pub"
xxxx@xxxxxxxxx's password: 

Number of key(s) added:        1

Move your private key in your .ssh folder

The last thing to do is to move your private key on your computer to a folder named .ssh and rename it with “id_rsa”. In my home directory I have two keys named luca and luca.pub (this is the name that you typed when creating the key pair). With the command “ls” you get the list of the files like this:

mbpl:~ lucacosta$ ls
Applications			Music
Applications (Parallels)	NoSync
Creative Cloud Files		OneDrive
Desktop				Pictures
Documents			Public
Downloads			Synology
Dropbox				luca
Library				luca.pub
Movies

Now copy your private key (in my case “luca”) to the “.ssh” folder with the new name “id_rsa”:

mbpl:~ lucacosta$ cp luca .ssh/id_rsa

Test the connection with the certificate

Now we can test the connection (if you choosed to set a password for your private key you need to enter it when prompt):

mbpl:~ lucacosta$ ssh xxxxx@xxxxxxxx
Enter passphrase for key '/Users/lucacosta/.ssh/id_rsa': 
Linux xxxxxxxxxxxxxxxxxxxxxx 2.6.32-042stab120.5 #1 SMP Tue Oct 25 22:31:12 MSK 2016 x86_64 GNU/Linux
Ubuntu 10.04.4 LTS

Welcome to Ubuntu!
 * Documentation:  https://help.ubuntu.com/
Last login: Thu Mar  2 20:36:54 2017 from xxxxxxxxxxxxx
xxxxxxx@xxxxxxxxxxx:~# 

The code

The fork bomb code is (for example) like this one:

:(){:|:&};:

Explanation

First of all you define a function called “:”. The Syntax of the function is “:(){};”. Now in the function you will call the function itself recursively and send the output again to itself “:|:”. The “&” runs the function in the background. Now the fork bomb is done and you only need to call it with “:” at the end.

Live demonstration

For a live demonstration I have found a YouTube video:

How to prevent it

Preventing it is quite simple. You need to modify the system resources limits. Login to the server via SSH or open a new terminal window and edit the limits.conf file as root:

sudo vi /etc/security/limits.conf

Set a limit for the processes number for a specific user or a group:

username hard nproc 100

@groupname hard nproc 100