If you ever have to do any remote administration, at some point you’re going to have to log into a Linux server and get to work. To do that, you’re going to need to use SSH (aka Secure Shell). For those that have never been exposed to such a tool, you’re in for a treat.
What is SSH?
SSH is a secure means of logging into a remote machine. Once logged in, you can run any command you need to work with the server. Before you think that using SSH is difficult, fret not. Using SSH is not only fairly easy, but it’s also really quite powerful.
I want to walk you through the first steps of using SSH. I’ll be demonstrating on Pop!_OS Linux but this information will work on any distribution of Linux that supports SSH (which is most of them). The only things you’ll need to follow along with this tutorial are two running instances of Linux. That’s it. Let’s get busy with SSH.
Basic SSH login
Using SSH makes it possible for you to log in from a local machine to a remote machine. You’ll need user accounts on both machines. Those accounts don’t have to be the same on each machine (I’ll explain this in a minute), but you do need to have login credentials for both.
You will also need the IP address (or domain) of the server you want to log into. Let’s say, for example’s sake, our remote server is at IP address 192.168.1.11 and our user account is the same on both machines. Log into your desktop computer, open a terminal window, and log in to the remote machine with the command:
ssh 192.168.1.11
You will be prompted for your username on the remote machine. Once you’ve successfully authenticated with the password, you’ll be logged into the remote machine, where you can start working.
Now, what if your username on the remote machine isn’t the same as the one on the desktop? Let’s say your username on the remote machine is olivia. To log in with that username, the command would be:
ssh olivia@192.168.1.11
You will be prompted for olivia’s password (not the local user’s).
Normally, SSH uses port 22. Some administrators might change that port (for security purposes). If the server administrator has configured SSH to listen to port 2022, you can’t simply type the standard SSH command to log in. Instead, you have to add the -p option like so:
ssh olivia@192.168.1.11 -p 2022
SSH Site configuration
Remembering all of those IP addresses and usernames can be a real headache for some. Fortunately, SSH makes it possible for you to create a configuration file that houses all of this information. Say, for example, you have the following list of servers you log into:
- webserver – 192.168.1.11
- email server – 192.168.1.12
- database server – 192.168.1.13
Let’s configure SSH such that you would only have to log in with the commands:
- ssh web1
- ssh email1
- ssh db1
We’ll also assume that the user on web1 is olivia, the user on email1 is nathan, and the user on db1 is the same as the user on the local machine. To set this up, we must create a config file in the ~/.ssh directory. For that, go back to the terminal window on your local machine and issue the command shown in Figure A.
Where USER is your Linux username.
In that file, add the following lines:
Host web1 Hostname 192.168.1.11 User olivia Host email1 Hostname 192.168.1.12 User nathan Host db1 Hostname 192.168.1.13
Save and close the file. You should now be able to log into those different servers with the shorter commands (i.e. ssh web1, ssh email1, and ssh db1). It’s important to remember, however, that for web1 you’ll be prompted for olivia’s password, email1 will ask for nathan’s password, and db1 will ask for the same user as the local one.
Running commands on a remote machine with SSH
This is a handy little trick. Let’s say you don’t necessarily want to log into a remote machine but you do need to run a command. For example, you want to list out the contents of the remote user’s home directory. For that, you could issue the command:
ssh olivia@192.168.1.11 ls /home/olivia
Since we’ve set up our config file, we can truncate that command to:
ssh web1 ls /home/olivia
We can cut off a bit more from that command because Linux has a shortcut for a user’s home directory (because /home/olivia and ~/ are the same things). For that, our command becomes:
ssh web1 ls ~/
And that, my dear friends, is the basics of using SSH to log into a remote Linux machine. If you ever have to do any remote administration of a Linux machine, this is what you’ll need to know. Next time around, I’ll introduce you to SSH Key Authentication, for even more secure remote logins.