What is ssh - Secure Shell
Secure shell is a secure communication protocol that can be used for remote administration (like a webserver) over a terminal. It is technically a secure version of telnet. A shell or console on any system is meant to execute commands on it and control it. Telnet used to do this. But telnet transmitted all data in plain text format and hence is insecure by design. To overcome this, the communication is wrapped with ssl encryption and this new scheme is called secure shell.
For secure shell, we need 2 components. First is the secure shell server that runs on the machine that is to be controlled remotely. And the other part is an ssh client that can speak the ssh protocol and communicate with the ssh server. In this post we are going to see how to setup the ssh server and client on ubuntu and do some secure communication.
Install OpenSSH server on ubuntu
On ubuntu install the package openssh-server. It provides the sshd server.
$ sudo apt-get install openssh-server
Once installed the ssh server should be up and running. Verify it with the service command
$ service ssh status ssh start/running, process 29422
Now connect to the ssh server using the ssh command. The ssh command is the "openssh client". The syntax is of ssh is like this
ssh [email protected] OR ssh -l username hostname
Connect to our ssh server.
$ ssh [email protected] The authenticity of host 'localhost (127.0.0.1)' can't be established. ECDSA key fingerprint is f2:81:02:29:0b:84:69:d4:71:35:e0:2f:d7:3b:cd:3e. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'localhost' (ECDSA) to the list of known hosts. [email protected]'s password:
Once logged in it will show a welcome message similar to this
Welcome to Ubuntu 12.10 (GNU/Linux 3.5.0-17-generic x86_64) * Documentation: https://help.ubuntu.com/ New release '13.04' available. Run 'do-release-upgrade' to upgrade to it. *** System restart required *** Last login: Thu May 30 20:58:33 2013 from localhost $
The ssh server works on port 22 by default. If you want to change the default port of ssh server then edit the file
It has a line for specifying the port number.
# What ports, IPs and protocols we listen for Port 22
After changing the port number restart the ssh server using the service command
$ sudo service ssh restart ssh stop/waiting ssh start/running, process 30751
To learn more about how to configure the ssh server using the configuration file check the man page by running the following command
Putty ssh client
On ubuntu the terminal ssh command is the easiest way to connect to any ssh server. However if you are looking for an alternative then try putty. Putty is a free ssh/telnet client that is available for both linux and windows. On ubuntu install it from synaptic
sudo apt-get install putty
Password less login to ssh server
The ssh server setup by default asks for the username/password to login. However it is possible to setup passwordless login by using key based authentication. Check out my tutorial on setting up password less login to ssh for more information.