SSH is typically used to login to the remote linux machines and execute commands. It is also providing X windows system connection (GUI). It can transfer files using the associated SFTP [SSH File Transfer Protocol], Secure copy protocop[SCP].
ssh [email protected] eg, ssh [email protected]
If you login as root you can simply give,
$ ssh [serverip or hostname]
In RHEL we can user X window system forwarding when using nautilus command which is a file explorer command by,
$ ssh -X [email protected]
Now when you access nautilus command it will open in GUI mode.
SSH Login without Password:
For login to remote machine without password we should generate ssh key pair in our local machine,
Mostly we would generate rsa key pair for better encryption and decryption. Optionally we can use -b to create different length of keys, by default it will generate 2048bi length.
$ ssh-keygen -t rsa -b 4096 Generating public/private rsa key pair. Enter file in which to save the key (/home/user/.ssh/id_rsa): Created directory '/home/user/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/user/.ssh/id_rsa. Your public key has been saved in /home/user/.ssh/id_rsa.pub. The key fingerprint is: SHA256:qI4xxoRimRNqQZEn8teQe+gJQ001lo1GMa4wvufMYkU [email protected] The key's randomart image is: +---[RSA 4096]----+ | ooo.+B= | |oo..+o+o. | |.== *. | |.oOoE.o. | |+*o*.o. S | |+o..+. | | *.o | | .oX | | ...= | +----[SHA256]-----+
=> Our private and public keys would be stored in,
$ cat /home/user/.ssh/id_rsa $ cat /home/user/.ssh/id_rsa.pub
We should check the permission of the .ssh directory and key files, default permission would be,
$ ls -la drwx------ 2 user user 4096 Oct 2 05:28 .ssh ~/.ssh$ ls -l -rw------- 1 user ser 3243 Oct 2 04:33 id_rsa -rw-r--r-- 1 user user 751 Oct 2 04:33 id_rsa.pub
Next we should use ssh-copy-id command to copy our public key and paste it to remote system .ssh directory in the name of authorized_keys
$ ssh-copy-id -i /home/user/.ssh/id_rsa.pub [email protected]
check in remote machine for authorized_keys file,
[email protected] ~]$ ls -la .ssh/ total 24 drwx------ 2 devopstree devopstree 4096 Oct 2 05:28 . drwx------ 3 devopstree devopstree 4096 Oct 2 05:11 .. -rw------- 1 devopstree devopstree 1548 Oct 2 07:54 authorized_keys
It will ask for password first time, after first time authentication it will not ask for password untill our public key present in remote machine users authorized_keys file.
We can add many users public key[id_rsa.pub] in authorized_keys file to provide password less access. After this steps are done, we can access remote machine without password,
$ ssh [email protected]
How to skip Host verification when ssh into a linux server first time,
ssh -o "StrictHostKeyChecking no"[email protected]
Default port number of ssh is 22
Configuration file for ssh is /etc/ssh/sshd_config
In ssh configuration file they have mentioned port 22 in one line mostly 4th line in ubuntu, we can change the port number from here.
Command to restart ssh service
$ sudo service sshd restart
If we change the port number we should login using -p,
$ ssh -p <port number> [email protected]<ip address>
When we login via ssh we would be in runlevel 3.
When we have our private key in different directory, we should use following syntax to login to the remote machine,
$ ssh -i /path/of/private-key.pem [email protected]
This will help beginners to answer question about ssh in interviews. This will be helpful for developers and system admins to work on Linux Environment.