{"id":524,"date":"2024-08-10T12:31:07","date_gmt":"2024-08-10T12:31:07","guid":{"rendered":"https:\/\/www.hyderabadwebhosting.co.in\/tutorials\/?p=524"},"modified":"2024-08-10T12:34:07","modified_gmt":"2024-08-10T12:34:07","slug":"working-with-ssh-servers","status":"publish","type":"post","link":"https:\/\/www.hyderabadwebhosting.co.in\/tutorials\/working-with-ssh-servers\/","title":{"rendered":"SSH Essentials: Working with SSH Servers, Clients, and Keys"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_83 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.hyderabadwebhosting.co.in\/tutorials\/working-with-ssh-servers\/#SSH_Server_Introduction\" >SSH Server Introduction<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.hyderabadwebhosting.co.in\/tutorials\/working-with-ssh-servers\/#SSH_Overview\" >SSH Overview<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.hyderabadwebhosting.co.in\/tutorials\/working-with-ssh-servers\/#How_SSH_Works\" >How SSH Works<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.hyderabadwebhosting.co.in\/tutorials\/working-with-ssh-servers\/#Setting_Up_an_SSH_Server\" >Setting Up an SSH Server<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.hyderabadwebhosting.co.in\/tutorials\/working-with-ssh-servers\/#Using_an_SSH_Client\" >Using an SSH Client<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/www.hyderabadwebhosting.co.in\/tutorials\/working-with-ssh-servers\/#Working_with_SSH_Keys\" >Working with SSH Keys<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/www.hyderabadwebhosting.co.in\/tutorials\/working-with-ssh-servers\/#Additional_SSH_Features\" >Additional SSH Features<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/www.hyderabadwebhosting.co.in\/tutorials\/working-with-ssh-servers\/#Summary\" >Summary<\/a><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n<h3 id=\"introduction\"><span class=\"ez-toc-section\" id=\"SSH_Server_Introduction\"><\/span>SSH Server Introduction<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>SSH Servers SSH is a secure protocol used as the primary means of connecting to Linux servers remotely. It provides a text-based interface by spawning a remote shell. After connecting, all commands you type in your local terminal are sent to the remote <a href=\"https:\/\/www.squarebrothers.com\/dedicated-server-india\/\" target=\"_blank\" rel=\"noopener\">server<\/a> and executed there.<\/p>\n<p>In this cheat sheet-style guide, we will cover some common ways of connecting with SSH to achieve your objectives. This can be used as a quick reference when you need to know how to connect to or configure your server in different ways.<\/p>\n<h2 id=\"ssh-overview\"><span class=\"ez-toc-section\" id=\"SSH_Overview\"><\/span>SSH Overview<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>The most common way of connecting to a remote Linux server is through SSH. SSH stands for Secure Shell and provides a safe and secure way of executing commands, making changes, and configuring services remotely. When you connect through SSH, you log in using an account that exists on the remote server.<\/p>\n<h3 id=\"how-ssh-works\"><span class=\"ez-toc-section\" id=\"How_SSH_Works\"><\/span>How SSH Works<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>When you connect through SSH, you will be dropped into a shell session, which is a text-based interface where you can interact with your server. For the duration of your SSH session, any commands that you type into your local terminal are sent through an encrypted SSH tunnel and executed on your server.<\/p>\n<p>The SSH connection is implemented using a client-server model. This means that for an SSH connection to be established, the remote machine must be running a piece of software called an SSH daemon. This software listens for connections on a specific network port, authenticates connection requests, and spawns the appropriate environment if the user provides the correct credentials.<\/p>\n<p>The user\u2019s computer must have an SSH client. This is a piece of software that knows how to communicate using the SSH protocol and can be given information about the remote host to connect to, the username to use, and the credentials that should be passed to authenticate. The client can also specify certain details about the connection type they would like to establish.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Setting_Up_an_SSH_Server\"><\/span>Setting Up an SSH Server<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<ol>\n<li><strong>Install SSH Server:<\/strong>On Ubuntu, the SSH server can be installed using the <code>openssh-server<\/code> package:\n<pre>sudo apt update\r\nsudo apt install openssh-server<\/pre>\n<\/li>\n<\/ol>\n<p><strong>Start and Enable SSH Service:<\/strong><\/p>\n<p>Ensure that the SSH service is running and set to start automatically on boot:<\/p>\n<pre>sudo systemctl start ssh\r\nsudo systemctl enable ssh<\/pre>\n<p><strong>Configure SSH Server:<\/strong><\/p>\n<p>The main configuration file for SSH server is <code>\/etc\/ssh\/sshd_config<\/code>. You can edit this file to change settings like port number, authentication methods, and more:<\/p>\n<pre>sudo nano \/etc\/ssh\/sshd_config<\/pre>\n<p>Key options include:<\/p>\n<ul>\n<li><strong>Port<\/strong>: Change the default port (22) to something less common for security reasons.<\/li>\n<li><strong>PermitRootLogin<\/strong>: Set to <code>no<\/code> to disable direct root login.<\/li>\n<li><strong>PasswordAuthentication<\/strong>: Set to <code>no<\/code> to require key-based authentication.<\/li>\n<\/ul>\n<p>After making changes, restart the SSH service:<\/p>\n<pre>sudo systemctl restart ssh<\/pre>\n<h3><span class=\"ez-toc-section\" id=\"Using_an_SSH_Client\"><\/span>Using an SSH Client<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<ol>\n<li><strong>Connect to an SSH Server:<\/strong>To connect to a remote SSH server, use the <code>ssh<\/code> command followed by the username and server address:<\/li>\n<\/ol>\n<pre>ssh username@remote_host<\/pre>\n<p>If you\u2019ve configured SSH to use a different port, specify it with the <code>-p<\/code> option:<\/p>\n<pre>ssh -p 2222 username@remote_host<\/pre>\n<p><strong>SSH Client Configuration:<\/strong><\/p>\n<p>SSH client configuration can be managed in the <code>~\/.ssh\/config<\/code> file. This file allows you to set preferences for specific hosts, like default username, port, and key file.<\/p>\n<p>Example configuration:<\/p>\n<pre>Host myserver\r\nHostName remote_host\r\nUser username\r\nPort 2222\r\nIdentityFile ~\/.ssh\/id_rsa<\/pre>\n<p>With this configuration, you can connect using:<\/p>\n<pre>ssh myserver<\/pre>\n<h3><span class=\"ez-toc-section\" id=\"Working_with_SSH_Keys\"><\/span>Working with SSH Keys<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>SSH keys provide a secure way to log in without passwords.<\/p>\n<ol>\n<li><strong>Generate SSH Key Pair:<\/strong>Generate an SSH key pair using <code>ssh-keygen<\/code>. This creates a private and a public key:<\/li>\n<\/ol>\n<pre>ssh-keygen -t rsa -b 4096 -C \"your_email@example.com\"<\/pre>\n<ul>\n<li>\n<ul>\n<li><code>-t rsa<\/code> specifies the key type (RSA).<\/li>\n<li><code>-b 4096<\/code> specifies the number of bits in the key.<\/li>\n<li><code>-C<\/code> adds a comment to the key for identification.<\/li>\n<\/ul>\n<p>By default, the keys are saved in <code>~\/.ssh\/id_rsa<\/code> (private) and <code>~\/.ssh\/id_rsa.pub<\/code> (public).<\/li>\n<li><strong>Copy SSH Public Key to Server:<\/strong>To enable key-based authentication, the public key must be added to the <code>~\/.ssh\/authorized_keys<\/code> file on the remote server. Use <code>ssh-copy-id<\/code> to automate this:<\/li>\n<\/ul>\n<pre>ssh-copy-id username@remote_host<\/pre>\n<p><strong>Secure Your SSH Keys:<\/strong><\/p>\n<ul>\n<li><strong>Permissions<\/strong>: Ensure your <code>.ssh<\/code> directory and its contents have the correct permissions:<\/li>\n<\/ul>\n<pre>chmod 700 ~\/.ssh\r\nchmod 600 ~\/.ssh\/id_rsa\r\nchmod 644 ~\/.ssh\/id_rsa.pub<\/pre>\n<p><strong>Passphrase<\/strong>: Protect your private key with a passphrase during creation. This adds an extra layer of security.<\/p>\n<p><strong>Disable Password Authentication:<\/strong><\/p>\n<p>After setting up SSH keys, you can disable password authentication on the server for added security. Edit <code>\/etc\/ssh\/sshd_config<\/code> and set:<\/p>\n<pre>PasswordAuthentication no<\/pre>\n<p>Restart the SSH service to apply changes:<\/p>\n<pre>sudo systemctl restart ssh<\/pre>\n<h3><span class=\"ez-toc-section\" id=\"Additional_SSH_Features\"><\/span>Additional SSH Features<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<ul>\n<li><strong>SSH Tunneling (Port Forwarding):<\/strong>SSH can tunnel network connections. This is useful for securing traffic or accessing services behind a firewall.\n<ul>\n<li><strong>Local Forwarding<\/strong>: Forward a local port to a remote server:<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<pre>ssh -L local_port:destination_host:destination_port username@remote_host<\/pre>\n<p><strong>Remote Forwarding<\/strong>: Forward a remote port to a local server:<\/p>\n<pre>ssh -R remote_port:local_host:local_port username@remote_host<\/pre>\n<p><strong>SSH Agent:<\/strong><\/p>\n<p>SSH Agent stores private keys in memory to avoid typing passphrases repeatedly. Start the agent and add keys:<\/p>\n<pre>eval \"$(ssh-agent -s)\"\r\nssh-add ~\/.ssh\/id_rsa<\/pre>\n<p><strong>SSH File Transfer:<\/strong><\/p>\n<p>Use <code>scp<\/code> (Secure Copy) or <code>sftp<\/code> (SSH File Transfer Protocol) to transfer files securely over SSH.<\/p>\n<ul>\n<li><strong>SCP<\/strong>: Copy files between local and remote systems:<\/li>\n<\/ul>\n<pre>scp local_file username@remote_host:\/remote\/directory<\/pre>\n<p><strong>SFTP<\/strong>: Interactive file transfer session:<\/p>\n<pre>sftp username@remote_host<\/pre>\n<h3><span class=\"ez-toc-section\" id=\"Summary\"><\/span>Summary<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>SSH is a powerful tool for secure remote management and file transfer. By configuring SSH servers, clients, and keys properly, you can enhance security and streamline your workflow when accessing remote systems.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>SSH Server Introduction SSH Servers SSH is a secure protocol used as the primary means of connecting to Linux servers remotely. It provides a text-based interface by spawning a remote shell. After connecting, all commands you type in your local terminal are sent to the remote server and executed there. In this cheat sheet-style guide, [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[52,42,66],"tags":[],"class_list":["post-524","post","type-post","status-publish","format-standard","hentry","category-dns","category-linux","category-ssh"],"_links":{"self":[{"href":"https:\/\/www.hyderabadwebhosting.co.in\/tutorials\/wp-json\/wp\/v2\/posts\/524","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.hyderabadwebhosting.co.in\/tutorials\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.hyderabadwebhosting.co.in\/tutorials\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.hyderabadwebhosting.co.in\/tutorials\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.hyderabadwebhosting.co.in\/tutorials\/wp-json\/wp\/v2\/comments?post=524"}],"version-history":[{"count":5,"href":"https:\/\/www.hyderabadwebhosting.co.in\/tutorials\/wp-json\/wp\/v2\/posts\/524\/revisions"}],"predecessor-version":[{"id":529,"href":"https:\/\/www.hyderabadwebhosting.co.in\/tutorials\/wp-json\/wp\/v2\/posts\/524\/revisions\/529"}],"wp:attachment":[{"href":"https:\/\/www.hyderabadwebhosting.co.in\/tutorials\/wp-json\/wp\/v2\/media?parent=524"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.hyderabadwebhosting.co.in\/tutorials\/wp-json\/wp\/v2\/categories?post=524"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.hyderabadwebhosting.co.in\/tutorials\/wp-json\/wp\/v2\/tags?post=524"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}