In Linux, ssh is a protocol, which stands for Secure Shell or Secure Socket Shell. The secure shell is useful for security while connecting to a remote server. The ssh command uses a ssh protocol, which is a secure protocol, as the data transfer between the client and the host takes place in encrypted form. It transfers the input through the client to the host and returns the output transferred by the host. It executes through TCP/IP port 22.
The encrypted connection is also used to run the commands on a Linux server, portforwarding, tunnelling, and more.
There are lots of SSH clients that are available for both commercial and free. The OpenSSH is its most widely used client. It is available for all the most used platforms such as Windows, Linux, macOS, OpenBSD, and more.
Ssh-keygen -t rsa -b 4096 ssh-keygen -t dsa ssh-keygen -t ecdsa -b 521 ssh-keygen -t ed25519 Specifying the File Name. Normally, the tool prompts for the file in which to store the key. However, it can also be specified on the command line using the -f option. Ssh-keygen -f /tatu-key-ecdsa -t ecdsa -b 521 Copying the Public Key to. To install the OpenSSH client, locate 'OpenSSH Client', then click 'Install'. To install the OpenSSH server, locate 'OpenSSH Server', then click 'Install'. Once the installation completes, return to Apps Apps and Features Manage Optional Features and you should see the OpenSSH component(s) listed. There are two Debian-style ways to upgrade ssh-keygen, since openssh-client isn’t available in the Debian 8 backports. The first is to upgrade to Debian 9, since that has a new enough openssh-client package. The second it to rebuild the Debian 9 package on Debian 8. Make sure the 'whois' package is installed on the system, or you can install using the following command. Sudo apt install whois -y. And you will get the SHA-512 encrypted password. Next, we will generate a new ssh-key. Login to the 'provision' user and generate the ssh key using the ssh-keygen command. Su - provision ssh-keygen -t rsa.
Syntax:
Components of ssh command
The ssh command consists of three different types of components:
How SSH works?
To establish an SSH connection, we need two primary components; a client and a host, which can be a server, domain name, IP address, and more. Also, we require a ssh client to connect with another computer or server. The client uses the specified host information to establish the connection; if the provided credential verified, it will establish an encrypted connection.
![]()
The server (Host) contains an SSH process that is ready to take a request for the client connection through a TCP/IP port. Once the client initiates a connection, the host responds with the necessary information and exchanges the credentials.
If the provided information is verified, the SSH protocol establishes a new connection for the available environment.
The default SSH protocol version for SSH server and SSH client communication is version 2.
Install OpenSSH client on Linux (Ubuntu)
The OpenSSH client is a connectivity tool for the systems to connect two systems with the ssh protocol. It is also called as ssh and can be invoked from the Linux terminal. This client package contains other SSH utilities like sftp, scp, and ssh that are installed by default with the ssh command. It performs remote operations using these ssh utilities.
The OpenSSH client comes preinstalled with most Linux distributions. If any Linux system does not have the ssh client, we can install it manually by using the package manager.
To install the OpenSSH client, execute the below command:
The above sudo command will update the package of the Linux system. Consider the below snap of the output:
After updating the Linux system, execute the below command to install the OpenSSH client:
The above command will install the latest package of the OpenSSH client. Consider the below output:
As we can see from the above output, a daemon process is running to install the OpenSSH client. As in our machine, OpenSSH client is already installed, so it has displayed the message 'openssh-client is already the newest version.'
Note: The macOS carries the Openssh client by default.Install OpenSSH server on Linux(Ubuntu)
To make an SSH connection, we need to have the server-side part of the SSH software in our machine.
To check the installation status of the server, open the terminal and execute the below command:
If our machine does not have the server tool kit of the OpenSSH client, then it will display the output as follows:
In the above case, we have to install the OpenSSH server.
To install the SSH server, execute the below command:
The above command will prompt for the system administrative password, type the password, and press ENTER key to start the installation process. Next, it will confirm the installation type 'y' key and press ENTER key. Consider the below output:
After confirming the installation, a daemon process will begin and install the OpenSSH server on your machine.
To verify the installation, execute the below command:
The above command will display the status of the installation. If the installation is successful, it will display the output as follows:
There is another way to test the installation by ssh localhost command:
The above command will verify the connectivity type 'yes' to continue. Consider the below output:
Now, we have successfully installed the OpenSSH server on our machine.
SSH Key Generation
To create a connection with the host client, we need a specific key for an encrypted connection. Logging in to remote host computer by ssh key is more secure than using a password. After logging in the host, computer commands will only work if these commands will be written to the host computer directly.
To generate the ssh key, execute the below command:
The above command will generate the public and private keys for creating a connection to the host system. Consider the below output:
we can see from the above output, the ssh keys have generated. The ssh-keygen command creates two files, key@ssh, and [email protected], which contain private and public key, respectively.
It is recommended to hide the private key for security purposes, copy the public key to the remote host. After copying this key to a remote host, we can establish a connection using the SSH key, not by the password.
Techniques of SSH Protocol
The SSH protocol is more secure as compared to other protocols such as telnet, and the encryption techniques are quite good than other protocols. There are three major encryption techniques which are used by the SSH. They are as following:
SSH Commands
The client ssh has many functions for the ssh command, such as creating a key, configuring a key, opening an SSH server, holding a key for single sign-on, file transfer client, and more. Some most useful ssh commands are as follows:
Options: There are many command-line options are available to specify the different specification of SSH output. Some useful options are as following:
How to connect via SSH
As we have installed the SSH client and server, we can establish a secure connection with other machines. For a secure connection between two machines, they both have ssh client and server installed.
To establish a connection, execute the below command:
If the user name is verified by the machine that you want to connect, execute the below command:
The above command will ask for the password, type the password, and press ENTER key.
If we are making a connection for the first time, it will ask for the continue connecting; type yes and press Enter. It will add an ECDSA (Elliptical curve Digital Signature Algorithm) key and connect you to a remote server.
You are now eligible to control and manage a remote machine by your terminal. If you face any difficulty in establishing a connection, consider the following points:
Ssh Keygen Help
Next TopicLinux mail Command
In this article, I will show you how to install and configure SSH server on Debian 9 Stretch for remote login. Let’s get started.
Installing SSH Server:
First update the apt package repository cache of your Debian operating system with the following command:
Your apt package repository cache should be updated as you can see in the screenshot below.
On Debian, SSH server comes as ‘openssh-server’ package. To install OpenSSH on Debian, run the following command:
Press ‘y’ and then press <Enter> to continue.
OpenSSH server should be installed.
On Debian, the default behavior of OpenSSH server is that it will start automatically as soon as it is installed. You can also check whether OpenSSH server is running on it with the following command:
You should see ‘active (running)’ status as shown in the screenshot below. Which means SSH server is running. It is also listening on port 22.
If in any case OpenSSH server is not running, you can run the following command to start OpenSSH server.
Remove SSH Server from startup:
By default, on Debian, OpenSSH server should start automatically on system boot. If you don’t want it to start on boot then first stop the OpenSSH server with the following command:
Now if you check the status of your OpenSSH server, you should see that it is not running as shown in the screenshot below.
Now disable OpenSSH server from startup with the following command:
Start OpenSSH Server on boot:
If you want to start OpenSSH server on boot again, just run the following command:
Now start OpenSSH server with the following command:
If you check the status of OpenSSH server now, you should see that it is running as shown in the screenshot below.
Connecting to the SSH server remotely:
Before you can connect to the SSH server remotely, you must know the IP address of the SSH server.
To find out what the IP address of the computer running the SSH server, run the following command from that computer:
![]()
You can see from the screenshot that the IP address of the computer I have SSH server installed on is 192.168.10.82
Now, to connect to this machine from another computer, run the following command:
I will connect to the SSH server as user ‘shovon’ and with the IP address 192.168.10.82 from my Ubuntu 17.10 machine.
Once you press <Enter>, you should see the following prompt if it is the first time connecting to the SSH server, which it is.
Just type ‘yes’ and press <Enter>.
Then you should be prompted to enter the login password of the user you’re login as. Enter the password and press <Enter>.
You should be connected to the SSH server as that user. The hostname changed from ‘linuxhint-pc’ to ‘linuxhint’ as you can see from the screenshot below.
You can further verify that you’re connected to the remote server with the following command:
You can see that the IP address is 192.168.10.82! The IP of our SSH server!
You can run any command you want here and manage the remote server using SSH. You may even buy a Public IP and control your server from anywhere around the globe.
When you’re done configuring, just run the following command to close the SSH connection.
See? You’re logged out back into the ‘linuxhint-pc’.
root Access to the Remote Server with SSH:
Now if you want root access to the remote server, you may try to login as root with the following command:
But root access in modern operating system this way is disabled by default. It is also the case for Debian. There’s a ‘configurationless’ workaround, just login as an ordinary user and become root with the following command:
Enter your root password and you should be logged in as root as shown in the screenshot below.
Linux Install Ssh Keygen
You can change the configuration of your SSH server to allow direct root login as well.
To do that, open the ‘/etc/ssh/sshd_config’ configuration file with ‘nano’ with the following command:
The file should look like this.
Scroll down a little bit. You should see the line as marked in the screenshot below.
Apt-get Install Ssh-keygen
Remove the # sign before PermitRootLogin and change ‘prohibit-password’ to ‘yes’. Once you’re done, press Ctrl+X , press ‘y’ and then press <Enter> to save the file.
Now restart the SSH server with the following command:
Now you should be able to connect as ‘root’ user directly as shown in the screenshot below.
Ubuntu Install Ssh Keygen
That’s how you enable SSH server for remote login on Debian 9. Thanks for reading this article.
Comments are closed.
|
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |