What is SSH?
Ever wondered, how you can connect to a remote server from your laptop?
Well SSH (Secure Shell) can help you connect to the remote server, by encrypting the traffic between the client (laptop) and the server (remote machine).
Note:
Usually SSH is used to connect to a Linux server, although we can use it for Windows as well.
For Windows, Remote Desktop Protocol (RDP) is preferred.
Components of SSH
SSH Client: Helps you in connecting to the remote server
SSH Server: This runs on the remote server and accepts SSH connections from clients
Authentication Mechanism
Password Authentication: With this method, a client can connect to the server using username and password.
Cryptographic Encryption (Password less): In this method you can connect to the server using the private key, provided the public key in present on the remote server.
The later method is much more secure than the password method, as it is very difficult to decrypt.
Steps to start using SSH
Step 1: Configure SSH client
All Linux systems comes with pre installed SSH server, to check whether SSH is installed or not, use the below commands
dpkg --l | grep ssh
If you can't see any output, you can install using the below command
sudo apt install openssh-server
Note
OpenSSH is open source implementation of SSH protocol.
Latest Windows 10 and 11 terminal have preinstalled OpenSSH Client and OpenSSH Server.
Step 2.1: Connecting remote server using password
You can connect to the remote server using the password method using following command.
This method is not recommended. Please use cryptographic encryption method to connect to a remote server.
ssh username@ipaddrress
username: username of the remote user
ipaddress: IP address of the remote server.
After running the above command, you will be prompted for password, once authenticated you can execute commands on the remote machine.
Step 2.2: Connect using cryptographic encryption
When we create a remote server on any cloud providers like AWS, Azure, GCP they provide you option to auto generate the keys and will provide you the private key, which can be used to connect to the server.
In this case you can store this key on your local machine which can be used to connect to the server.
Then use the following command to connect to the server
ssh username@ipaddress -i "path/public_key"
Here -i flag lets you specify the Identifyfile which is the private key you got from the cloud provider.
Generating SSH Keys.
In case if you have your own local server, you can use the below commands creates a pair of public and private key.
These keys are usually stored in `~/.ssh` directory.
id_rsa is the private key (Not to be shared with anyone)
id_rsa.pub is the public key, which has to given to the remote server
ssh-keygen -t rsa -b 2048
ssh-keygen: command use to create the keys.
-t: specifying the type of cryptographic algorithm.
-b: specifying the byte size.
Now before connecting to the server, the public key generate has to be placed on the server. The following command can be used to copy the public key from client to the server.
ssh-copy-id username@ipaddress
This command will copy the public key id_rsa from the client to the remote server. After successful completion, you can use the below command to connect to the server.
ssh username@password
By default the id_rsa private key will be used to authenticate with the public key placed on the server.
In case if you cant to use different private key, then you can use -i command and specify path of private key.
Well, this method works fine if we connect to a single server. But what if I want to connect to multiple different server, where each one of them is running at different IP address and the also different set of private and public keys.
It would be very hard to remember those username, IP addresses and the location of keys.
To solve this we can make some configuration changes to the SSH and make our work easy. We will talk about it in the following post.