Secure Shell (SSH) is a network protocol that gives users security in an unprotected network. SSH allows for remote access without having to sit at a computer and easy installation on common operating systems. In this lesson, we’ll learn how to install SSH, use it to access remote servers, and more.
Accessing a Server Via SSH
Are you building a website? Are you managing a large database such as MySQL? Are you a system administrator managing Linux or Unix servers? If any of these apply, SSH or Secure Shell will be one of the main tools in your IT toolbox.
It’s very easy to access remote servers from wherever you are, from the data center to your home office to the local coffee shop.
SSH’s main selling point is its coupling of remote access with security.Many rack-mounted servers run ‘headless’, that is, without a keyboard or monitor attached. It’s possible to go around a data center with monitor and keyboard and plug them in to a machine you want to configure, but that’s inconvenient.
Some data centers have pull-out monitors and keyboards, but those are expensive.Even worse, you have to physically walk up to these machines to access them. What about machines that might be located in a different part of the building, or even in a different country?Fortunately, there are ways to access these machines remotely easily and safely.SSH lets you access the shell or command line of an operating system from wherever you are over the network. With SSH, it’s as if you were sitting right at the computer console, typing in commands.
With SSH, you’ll only be using text-based commands for accessing the system instead of something like the Control Panel in Windows or Preferences on the Mac, so you’ll have to be comfortable with the command line, especially the Linux/Unix command line on the system you’re trying to access.SSH encrypts the connection so that eavesdroppers can’t see sensitive information such as passwords, which makes it ideal for accessing computers over insecure networks such as public Wi-Fi.For example, if you’re logging in over a Wi-Fi connection at a coffee shop, a malicious user won’t be able to intercept what you’re typing, especially not your password, if you’re using SSH. This makes it a vast improvement over the older Telnet that also offers remote access.
If you have want to access remote servers using SSH, you likely already have the client installed if you’re using Linux or Mac.
If you’re using Windows, there’s a free application called PuTTY, which can be downloaded.On the server side, the SSH server will also have to be installed. On many Unix and Linux versions, it is not installed by default for security reasons. The fewer services that allow remote logins, the less risk there is of unwanted users getting in, so it’s best to enable SSH only if you’re sure you really want to. The distribution’s documentation will provide ample resources as to how to go about setting it up.
It’s usually a matter of simply installing the right package from the package manager.If you’re using a cloud computing platform, such as Amazon Web Services, you may have to enable SSH access from the configuration menu. Check with your provider on how to do this.
Accessing Remote Servers
It’s also very easy to access remote servers with SSH. Suppose you need to access a machine to make changes to the web server. To access a remote server at Example.
com, on a Linux/Unix or Mac system, you would just open up a terminal window and type:ssh [email protected]You’ll be prompted for you password, and you’ll be able to issue commands as if you were right there in the data center. Of course, you’d have to replace ‘user’ with whatever your username happens to be on the remote server.
By default, ssh uses port 22 to connect, but if the server uses a different port for SSH connections, you can pass this along with the -p option. Suppose our server uses port 4222. Here’s what the command would look like:ssh -p 4222 [email protected]If you’re using PuTTY on Windows, you’d just type in the address of the remote server in the PuTTY configuration window and press the ‘Open’ button. Once again, you’ll be prompted for your password.
You can also choose the correct port in PuTTY. By default, it also uses port 22.If you don’t want to use a password, you can generate a key pair to log in.
A key pair includes a public key that you store on the server and a private key that you keep to yourself. Using the ssh-keygen command or using PuTTY you can generate this key pair. You then log into the remote server and paste the contents of your public key into the ~/.ssh/id_rsa.pub file on the server. You can then log in securely without a password.
SSH or Secure Shell lets you access remote servers easily and safely over a network without having to be physically present at the machine. SSH is included on Linux or Mac systems and can be downloaded on Windows. You can then access remote machines with SSH by providing the username and password. You can also specify a port other than the default of 22 when necessary. If you don’t wish to use a password, you can generate a key pair.