Basic SSH Command Usage and Configuration in Linux


Secure Shell (SSH) is a popular protocol used to securely access remote systems over the internet. It provides a secure, encrypted communication channel between a local and a remote computer, making it a great tool for remote administration, file transfers, and tunneling.

In this article, we will cover the basic usage and configuration of SSH in Linux.

Installing and Enabling SSH

Before we dive into using SSH, let's make sure it's installed and enabled on your Linux machine.

To install SSH on Ubuntu, Debian or other Debian-based distributions, you can run the following command −

sudo apt-get install openssh-server

On Red Hat-based systems such as CentOS, Fedora or Red Hat Enterprise Linux, you can use the following command −

sudo yum install openssh-server

Once SSH is installed, you can enable it by starting the SSH daemon with the following command (on Debian and Ubuntu the service unit is named ssh rather than sshd) −

sudo systemctl start sshd

To make sure SSH starts automatically on boot, run the following command −

sudo systemctl enable sshd

Connecting to a Remote Host

To connect to a remote host using SSH, you need to know its IP address or hostname. Once you have that information, you can use the ssh command to initiate the connection.

The basic syntax of the ssh command is as follows −

ssh [username]@[hostname or IP address]

For example, to connect to a remote host with IP address 192.168.1.100 as user john, you would use the following command −

ssh john@192.168.1.100

If this is your first time connecting to the remote host, you may see a message like the following −

The authenticity of host '192.168.1.100 (192.168.1.100)' can't be established.

ECDSA key fingerprint is SHA256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.

Are you sure you want to continue connecting (yes/no)?

This message asks you to confirm that you trust the remote host. If you are sure you want to connect, type yes.

You will then be prompted to enter the password for the user you are connecting as. Once you enter the correct password, you will be logged in to the remote host.
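Before answering yes, the fingerprint in the prompt should match one obtained from the server over a trusted channel, for example by running ssh-keygen -lf /etc/ssh/ssh_host_ecdsa_key.pub at its console. The following added example, which is not part of the original article, computes that SHA256 fingerprint from a public key line and compares it with a trusted value; the key shown is constructed sample data and the function names are hypothetical:

```shell
#!/bin/sh
# Added example (hypothetical function names): reproduce the "SHA256:..."
# fingerprint from the first-connect prompt and compare it with a trusted copy.

# Constructed sample data: an ed25519-style public key line, not a real host key.
SAMPLE_HOST_KEY='ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICONSTRUCTEDxSAMPLExHOSTxKEYxNOTxREALx012345 constructed@example'

# Print the fingerprint of a "type base64-blob [comment]" public key line:
# the SHA-256 digest of the decoded blob, base64-encoded without padding.
host_key_fingerprint() {
    blob=$(printf '%s\n' "$1" | awk '{print $2}')
    [ -n "$blob" ] || return 2
    hex=$(printf '%s' "$blob" | base64 -d | sha256sum | cut -d' ' -f1)
    fp=$(
        while [ -n "$hex" ]; do
            rest=${hex#??}
            byte=${hex%"$rest"}
            hex=$rest
            printf "\\$(printf '%03o' "0x$byte")"   # emit one raw digest byte
        done | base64 | tr -d '=\n'
    )
    printf 'SHA256:%s\n' "$fp"
}

# Succeed only if the key's fingerprint equals the value obtained out of band.
verify_host_key() {
    [ "$(host_key_fingerprint "$1")" = "$2" ]
}

# Demo: in practice the trusted value comes from the server's administrator.
trusted=$(host_key_fingerprint "$SAMPLE_HOST_KEY")
if verify_host_key "$SAMPLE_HOST_KEY" "$trusted"; then
    echo "fingerprint matches the trusted value: $trusted"
else
    echo "fingerprint mismatch: do not connect"
fi
```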

Transferring Files with SSH

Another useful feature of SSH is the ability to transfer files securely between two computers. To transfer files using SSH, you can use the scp command.

The basic syntax of the scp command is as follows −

scp [options] [source] [destination]

For example, to copy a file named example.txt from the local machine to a remote machine with IP address 192.168.1.100 and save it in the /home/john directory, you would use the following command −

scp example.txt john@192.168.1.100:/home/john

To copy a file from a remote machine to the local machine, you can reverse the source and destination arguments, like this −

scp john@192.168.1.100:/home/john/example.txt .

In this example, the dot (.) at the end of the command specifies the current working directory as the destination.

Generating SSH Keys

SSH keys are a more secure way of logging in to a remote host because they eliminate the need for a password. Instead, a key pair consisting of a public and a private key is used to authenticate the user.

To generate an SSH key pair on your local machine, you can use the ssh-keygen command. The basic syntax of the command is as follows −

ssh-keygen [options] [filename]

By default, ssh-keygen creates a key pair with a 2048-bit RSA key. The private key is saved in the ~/.ssh/id_rsa file, and the public key is saved in the ~/.ssh/id_rsa.pub file.

If you want to use a different key type or size, you can specify the -t and -b options, respectively. For example, to generate a 4096-bit Ed25519 key, you would use the following command −

ssh-keygen -t ed25519 -b 4096

Once you have generated your SSH key pair, you can copy the public key to the remote host using the ssh-copy-id command. The basic syntax of the command is as follows −

ssh-copy-id [username]@[hostname or IP address]

For example, to copy the public key of the current user to a remote host with IP address 192.168.1.100 as user john, you would use the following command −

ssh-copy-id john@192.168.1.100

You will be prompted to enter the password for the remote user. Once you enter the correct password, the public key will be added to the authorized_keys file on the remote host.

From now on, you can log in to the remote host using your SSH key without having to enter a password.

Configuring SSH

SSH can be configured through the ssh_config file, which is located in the /etc/ssh/ directory. This file contains global configuration options that apply to all SSH connections made from the machine.

You can also create a config file in the ~/.ssh/ directory to specify configuration options for individual hosts.

The config file uses the following syntax −

Host [hostname or IP address]
   [option] [value]

For example, to specify that SSH should use a specific identity file when connecting to a remote host, you would add the following lines to the config file −

Host myserver
   IdentityFile ~/.ssh/mykey

In this example, myserver is the hostname or IP address of the remote host, and ~/.ssh/mykey is the path to the private key file on your local machine.

You can also use the config file to set other options, such as the port number, username, and compression level.
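The IdentityFile entries in a config file point at private keys, and ssh ignores a private key file that is accessible by other users. The following added example, which is not part of the original article, lists the IdentityFile of each Host block and flags keys that are missing or have group or other permission bits set; the function name is hypothetical, GNU stat is assumed, and only the simple Host and IdentityFile form shown above is parsed:

```shell
#!/bin/sh
# Added example (hypothetical function name): check every IdentityFile named
# in an ssh client config. Assumes GNU stat and one pattern per Host line.
# Usage: audit_identity_files CONFIG_FILE [HOME_DIR]

audit_identity_files() {
    cfg=$1
    home=${2:-$HOME}
    status=0
    tab=$(printf '\t')
    # Emit "host<TAB>keypath" for each IdentityFile; options that appear
    # before the first Host line apply to all hosts, reported as "*".
    pairs=$(awk '
        BEGIN                         { host = "*" }
        tolower($1) == "host"         { host = $2; next }
        tolower($1) == "identityfile" { print host "\t" $2 }
    ' "$cfg")
    while IFS=$tab read -r host key; do
        [ -n "$key" ] || continue
        # Expand a leading ~/ relative to the given home directory.
        case $key in "~/"*) key=$home/${key#"~/"} ;; esac
        if [ ! -f "$key" ]; then
            echo "MISSING $host $key"
            status=1
            continue
        fi
        # A private key must carry no group or other permission bits.
        mode=$(stat -c %a "$key")
        case $mode in
            [0-7]00) echo "OK $host $key ($mode)" ;;
            *)       echo "LOOSE $host $key ($mode)"; status=1 ;;
        esac
    done <<EOF
$pairs
EOF
    return $status
}

# Run as a script: sh audit.sh ~/.ssh/config
if [ "$#" -gt 0 ]; then
    audit_identity_files "$@"
fi
```

A key reported as LOOSE can be corrected with chmod 600 on the file.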

In addition to the basic usage and configuration covered in this article, there are several other features and options available with SSH that you may find useful.

SSH Tunnels

SSH tunnels, also known as SSH port forwarding, allow you to forward traffic from a local port on your machine to a port on a remote machine. This can be useful for accessing services that are not directly accessible from your local network.

The basic syntax for creating an SSH tunnel is as follows −

ssh -L [local port]:[remote host]:[remote port] [username]@[remote host]

For example, to forward traffic from port 8080 on your local machine to port 80 on a remote server with IP address 192.168.1.100, you would use the following command −

ssh -L 8080:localhost:80 john@192.168.1.100

Once the tunnel is established, you can access the remote service by navigating to http://localhost:8080 in your web browser.

SSH Configurations for Multiple Hosts

If you need to connect to multiple remote hosts using SSH, you may find it useful to create separate configurations for each host in your ~/.ssh/config file.

To create a configuration for a specific host, you can add a Host section to your config file. For example, to create a configuration for a host with the hostname webserver, you would add the following lines to your config file −

Host webserver
   HostName 192.168.1.100
   User john
   IdentityFile ~/.ssh/mykey

In this example, HostName specifies the IP address or hostname of the remote host, User specifies the remote username, and IdentityFile specifies the path to the private key file on your local machine.

You can then connect to the remote host using the following command −

ssh webserver

SSH Authentication Agents

SSH authentication agents allow you to store your SSH keys in memory and use them to authenticate with multiple remote hosts without having to enter your passphrase each time.

To enable the SSH authentication agent, you can use the following command −

eval $(ssh-agent)

This will start the SSH agent and print the agent process ID (PID). You can then add your private key to the agent using the ssh-add command −

ssh-add ~/.ssh/mykey

Once your key is added to the agent, you can connect to remote hosts without having to enter your passphrase each time.

Conclusion

SSH is a powerful tool that can be used to securely access remote systems and transfer files between computers. By understanding the basic usage and configuration of SSH, you can take advantage of its features to make your workflow more efficient and secure.

Remember to always use strong passwords and keep your SSH keys secure, and to configure SSH appropriately for your specific use case. With these best practices in mind, SSH can be an invaluable tool for remote administration and file transfers.

Updated on: 10-Apr-2023
