Secure Shell (SSH) is a protocol used to login to remote servers from the command line. SSH includes secure features that encrypt data transmitted through the network so that snoopers may not access your data. In this series, we'll go over how to set up SSH as a client, and explain what public/private keys are, and explain all related commands to SSH.
SSH gives you access to the command line of another computer. As we have seen throughout this tutorial series, the command line grants us power to do almost anything we'd like. The ability to control such remote computers gives you the power and flexibility to achieve a variety of tasks.
Here are just two examples of how SSH can help aid in your productivity:
In the early days of Linux, different protocols were used instead of
ssh. Two examples are
telnet and Virtual Network Computer (VNC). These early protocols worked, but were very insecure since they transferred data in cleartext.
The advantages of using SSH over the legacy alternatives include:
One drawback of SSH is the amount of lag due to CPU time being consumed for encryption and decryption. Another more obvious drawback is the learning curve necessary for setup and configuration - but have no fear! This tutorial will explain everything in easy-to-understand terms!
The basic command used to secure shell into a computer is simple. We can use
ssh, followed by either the IP address or hostname of the computer you want to log into.
$ ssh 22.214.171.124 # You can use a host name instead $ ssh ex.amplwebsite.com
ssh assumes that you are trying to log-in with the same username as your local machine. However, your username on the remote server will sometimes be different from your local computer. To specify your username, you can use the
-l option or type your username before the IP address/hostname followed by an
$ ssh -l user 126.96.36.199 $ ssh email@example.com
The authenticity of host '188.8.131.52 (184.108.40.206)' can't be established. RSA key fingerprint is c5:23:23:52:00:49:08:04:f9:50:f5:34:7f:aa:ef:27. Are you sure you want to continue connecting (yes/no)?
Upon first logging into a remote computer, you'll be asked a question of whether the authenticity of the host is OK. This is to ensure that you're not the target of a man-in-the-middle attack. Once you've verified the RSA fingerprint, type "yes."
Another handy option used frequently is to specify the port number. The port number identifies to which process a network message should be directed to when it arrives at a server. The default port number for secure shell is 22, and for FTP data transfer it's 20.
Sometimes you'll run into some errors, and
ssh will quit with very little information as to what went wrong. To activate verbose mode, use
-vvv, each one increasing in verbosity.
If you have successfully connected, you should notice the .ssh directory in your local home folder.
The .ssh folder located in your home directory (~), and contains all user configurations for secure shell login.
ssh for the first time, you should notice a known_hosts file. This file contains a list of all hash keys for all approved host computers, but won't explicitly indicate which ones. This is an added security measure so that even if hackers access the file, they won't be able to know which servers to compromise.
If you have specific parameters you'd like to save for a connection, you can set up a shortcut name, hostname, user, and port number all in the config file.
For example, if you're a bioinformaticist and work on a bioinformatics server, you can input the following data:
Host binf_server HostName binf.bfx.sju.edu User student Port 50433
Now that you have a specific server set up, you may simply type
ssh binf_server to log in, and SSH will load all your default parameters.
On the host server, you'll see a file called authorized_keys. This is a list of public keys that will allow the corresponding private key to login via key authorization instead of password authorization.
$ cat authorized_keys ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCh9aQwyrJJbKiQaKGHDGIUEU1rIfHO6zvsjn+kBzC/xLyxwDUTGsMmwhF0aSgDKW6riCXGP+3Sn23doai3RAsaCMPh1aTo5oOXFQIhhKOZK44MJdA3rypzxq3o0emlcRLA8p/5CzS+EscCUVCmbK9fIbH57jQzxROtCS5nsmoZzawVBz4CN4kaJbtYLf4y7R8BQZHsRV51plmLuazIsd7Ate8HYVVuHM/xQHr9R1MCiFfDUxhH4veHOmw2u2pYp0OAfQALQUtNpzbS7NSWGI7X5lFuSfMrVwfhRUSbpkk1UdMXX7FCMiFOq7pD3lCj/ScQsr7FPBm+/PlH3FhrRkLR example
The random letters, numbers and characters of a key are what makes SSH secure. Let's learn about SSH keys and their types next.
Ever feel achy from sitting crunched up on your computer table? Try lying down with these optical glasses that allow you to work on your laptop while lying flat on your back. This is the perfect solution with those with limited mobility or those who wish to prevent neck cramps and back strains.$ Check price
The Linux Command Line takes you from your very first terminal keystrokes to writing full programs in Bash, the most popular Linux shell. Along the way you'll learn the timeless skills handed down by generations of gray-bearded, mouse-shunning gurus: file navigation, environment configuration, command chaining, pattern matching with regular expressions, and more.$ Check price