SSH, what is it and how to use it
Few tools are as useful as SSH (Secure SHell). If administering computers is a tower, then SSH is one of the first bricks placed. SSH enables system administrators to remotely control a machine by accessing its CLI. A basic setup is fairly easy to configure; securing it is a bit more difficult, but that is beyond the scope of this article and will be skipped. Remember, however, that an insecure setup MUST NOT be deployed to production environments.
SSH uses the client-server model to allow remote control. The SSH server is the machine that will be controlled; the client is another machine running an SSH client. That is basically it, but there is one more piece: SSH keys. Keys are used to provide an encrypted medium of exchange. This is probably the most evident difference from telnet, which is now regarded as an insecure tool whose use should be avoided most of the time, especially in public and shared environments. None of this applies to SSH, thanks to SSH keys.
Generating your first key
In order to connect to a server you will usually need a key, as mentioned above (the server also needs its own key). To generate one, use the following command:
ssh-keygen -t rsa -b 2048
Alternatively you can run ssh-keygen on its own and you will be prompted with a series of questions to generate the key (the first command will also ask you some questions). Once you are done you will have a working SSH key.
Using SSH is probably easier than the whole process of setting it up. Remember that a server must be running and listening on the other side for you to connect. Once you have verified that an SSH server is running, you can simply run:
ssh YOURUSERNAME@SERVERIPADDR -p PORT
Replace YOURUSERNAME with your username on the server (yes, you need an account on the remote server) and SERVERIPADDR with your server's IP address (if you have a resolvable name for your server, you can replace SERVERIPADDR with the server's hostname instead). SSH servers usually listen on port 22/tcp, but they can be configured to listen on another port: if that's the case, replace PORT with the port you have configured on the server. Usually, however, it will be 22 and you can delete the entire -p argument.
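The two steps above (generate a key, then connect) put together as a script. This is an added example, not part of the original article: the function names are hypothetical helpers, demo_user, 192.0.2.10 and port 2222 are constructed sample values, and the key is a throwaway one written to a temporary directory.

```shell
#!/bin/sh
# Added example. demo_user, 192.0.2.10 and port 2222 are constructed values;
# the function names are hypothetical helpers, not part of OpenSSH.

# Generate an RSA 2048-bit key pair at path $1 without prompts.
# The empty passphrase (-N "") is only acceptable for this throwaway demo key.
gen_key() {
    ssh-keygen -q -t rsa -b 2048 -N "" -C "demo-key" -f "$1"
}

# Print the fingerprint of the public half of the key pair at $1.
key_fingerprint() {
    ssh-keygen -l -f "$1.pub" | awk '{print $2}'
}

# Build the connect command: user, host, optional port, optional key file.
# -p is left out for the default port 22; bad ports are rejected.
ssh_command() {
    user=$1 host=$2 port=${3:-22} key=$4
    case $port in
        *[!0-9]*|??????*) echo "invalid port: $port" >&2; return 1 ;;
    esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || {
        echo "invalid port: $port" >&2; return 1
    }
    cmd="ssh"
    [ -n "$key" ] && cmd="$cmd -i $key"
    cmd="$cmd $user@$host"
    [ "$port" -ne 22 ] && cmd="$cmd -p $port"
    echo "$cmd"
}

# Demo: runs only where ssh-keygen is installed; nothing connects anywhere.
if command -v ssh-keygen >/dev/null 2>&1; then
    dir=$(mktemp -d)
    gen_key "$dir/id_rsa_demo"
    ls -l "$dir"                          # private key is created with mode 600
    key_fingerprint "$dir/id_rsa_demo"
    ssh_command demo_user 192.0.2.10 2222 "$dir/id_rsa_demo"
    rm -rf "$dir"
fi
```

For a key you intend to keep, drop -N "" so that ssh-keygen prompts for a passphrase.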
That's it. This is just a beginner introduction, and you might encounter several problems (like "How can I set up a server?"). I'll be sure to cover this topic in another article.
Image courtesy of kev-shine