Connecting to a Remote Linux Server Using SSH

emminex

Emmanuel Oyibo

Posted on May 15, 2024

Connecting to a Remote Linux Server Using SSH

For system administrators and developers, the ability to manage remote Linux servers is crucial. SSH (Secure Shell) is the industry-standard protocol for establishing secure, encrypted connections to remote machines.

SSH provides a protected channel for sensitive login credentials, command execution, and file transfers. It offers a significant security upgrade over legacy protocols like Telnet, which transmit data in plaintext.

This article assumes you have a basic understanding of command-line interfaces (like a terminal or command prompt).

Getting Started with SSH

The ssh command comes in handy whenever you want to connect to remote Linux servers. Let’s take a look at how to use the command:

$ ssh <username>@<remote_host_ip>
Enter fullscreen mode Exit fullscreen mode

Where:

  • ssh is the command itself, instructing your system to initiate an SSH connection.

  • <username> is your host username on the remote Linux server you want to access.

  • <remote_host_ip> represents the IP address of the remote server. You can also use a domain name (e.g., www.example.com) if you have one configured and it correctly points to the server’s IP address.

For example, let’s say you want to connect to a server with the IP address 192.168.1.10 and your username on that server is jane_doe. You can use the ssh command as follows:

$ ssh jane_doe@192.168.1.10
Enter fullscreen mode Exit fullscreen mode

By default, SSH typically uses port 22. So, you generally won’t need to specify this unless the remote server is configured differently.

Also, it’s essential for you to note that usernames and domain names in SSH connections are case-sensitive — ensure you have the capitalization correct.

Connecting for the First Time

Your first SSH connection to a new remote server comes with a crucial security step: verifying the server’s identity.

Trusting the Remote Host

You’ll likely see a prompt similar to this:

The authenticity of host '192.168.1.10 (192.168.1.10)' can't be established.
ECDSA key fingerprint is SHA256:NxIQt9euE5y80D/I87XYZT21f5gyOV/Yu43u.....
Are you sure you want to continue connecting (yes/no/[fingerprint])? 
Enter fullscreen mode Exit fullscreen mode

This is your SSH client checking the remote server’s “fingerprint,” a unique identifier. It’s like a digital passport for the server.

Before typing “yes,” it’s vital to ensure you trust this server. If you’re unsure, contact the server administrator to confirm the fingerprint.

This step protects against “man-in-the-middle” attacks. Imagine someone intercepts your connection trying to impersonate the real server — this verification process helps expose that deception.

Password Authentication

Once you type “yes,” you’ll be prompted for your password on the remote server. Enter your password, and if successful, you’ll be logged in.

However, typing your password won’t show any characters on the screen for security reasons. Type carefully and press Enter when done.

Understanding SSH Clients

An SSH client is the software that allows you to establish connections to remote servers. There are two main types:

Built-in Clients

Most modern operating systems come with SSH ready to go:

  • macOS and Linux: You’ll use the ssh command directly in a terminal window.

  • Windows (Windows 10 and later): The ssh command is available in PowerShell or the newer Windows Terminal.

Third-party Clients

Some of the most popular third-party SSH clients include:

  • PuTTY: A popular choice for older Windows versions or those who prefer a graphical interface (GUI) for managing connections.

  • Other Options: Numerous other clients exist (like MobaXterm, Termius), often with more advanced features.

Regardless of the client you choose, the majority of your work on a remote server happens through the command line.

GUIs can streamline connection setup and some file transfers, but direct command-line interaction is where most of the power of SSH lies.

Advanced SSH Concepts

While password authentication works, SSH offers some more powerful features to streamline your connections and further enhance security.

SSH Keys

SSH keys provide password-less authentication, making logins more secure and convenient. Let’s take a look at the basic process:

1. Generate a key

On your local computer, use t he ssh-keygen command:

$ ssh-keygen -t ed25519 -C "<comment>"
Enter fullscreen mode Exit fullscreen mode

The above command creates a public and private key (usually in ~/.ssh/id_ed25519 and ~/.ssh/id_ed25519.pub). Also, replace <comment> with a comment to help you identify the key.

2. Copy the public key to the remote server

Use the ssh-copy-id command:

$ ssh-copy-id jane_doe@example.com
Enter fullscreen mode Exit fullscreen mode

You’ll be prompted for your password on the remote server.

3. Connect without a password

Now try connecting:

$ ssh jane_doe@example.com
Enter fullscreen mode Exit fullscreen mode

Also note that you can protect your private key with a passphrase for an extra security layer.

Port Forwarding

Port forwarding allows you to access services on a remote server as if they were running locally. Now, let’s take a look at this common scenario:

$ ssh -L 8080:localhost:80 jane_doe@example.com
Enter fullscreen mode Exit fullscreen mode

This forwards port 8080 on your local machine to port 80 (the web server) on the remote server. Now, open a web browser and go to http://localhost:8080.

Conclusion

Mastering SSH opens the door to efficient remote management of your Linux system. Whether you’re administering servers across the globe, securely transferring files, or simply streamlining your workflow, SSH is a fundamental tool in your toolkit.

By understanding the core concepts of the ssh command, authentication methods, and other concepts, you’ll gain the confidence to connect and control your remote environment with ease.


Thanks for reading! If you found this article helpful (which I bet you did 😉), got a question or spotted an error/typo... do well to leave your feedback in the comment section.

And if you’re feeling generous (which I hope you are 🙂) or want to encourage me, you can put a smile on my face by getting me a cup (or thousand cups) of coffee below. :)

Also, feel free to connect with me via LinkedIn.

💖 💪 🙅 🚩
emminex
Emmanuel Oyibo

Posted on May 15, 2024

Join Our Newsletter. No Spam, Only the good stuff.

Sign up to receive the latest update from our blog.

Related