This micro-howto will examine, within a decidedly condensed framework, the basic operations of SSH, a secure replacement for
rlogin, under Unix platforms. SSH is commonly employed to login to and execute shell commands on remote Unix systems. SSH provides multiple authentication schemes and uses strong cryptography.
Suppose that your account is hosted on myServer.csoft.net, log in using:
$ ssh myUsername@myServer.csoft.net
You can also execute a single command on the server:
# Return the size of the remote ~/www directory is: $ ssh myUsername@myServer du -hs ~/www
If the username on your local workstation happens to be the same as your username on the server, you don't need to pass myUsername at all:
$ ssh myServer.csoft.net
You can also indicate which usernames to use by default for a particular host with a
User statement in your local ~/.ssh/config file:
Host myServer.csoft.net User myCsoftUsername
Included within OpenSSH is the scp(1) utility, which allows files and directories to be securely transferred to and from the server.
# Upload scp file myUser@myServer scp files/* myUser@myServer scp file myUser@myServer:renamedFile scp -r dir myUser@myServer # Download scp myUser@myServer:file . scp myUser@myServer:files/* . scp myUser@myServer:file renamedFile scp -r myUser@myServer:dir renamedDir
OpenSSH also provides a classic FTP client interface withsftp(1):
$ sftp myServer
Public key authentication may be accomplished via SSH by merely appending your public key to ~/.ssh/authorized_keys on the server.
# Copy the public key to the server. $ scp ~/.ssh/id_ed25519.pub myServer:myWorkstation.pub # Add the key to the authorized keys database. $ ssh myServer cat mykey.pub >> ~/.ssh/authorized_keys
If you don't have any ssh keys in ~/.ssh/id_*.pub, you can generate new ones with ssh-keygen(1):
$ ssh-keygen -t ed25519 $ ssh-keygen -t ecdsa
Make sure to select a good passphrase. The ssh-agent(1) program can be used to achieve password-less authentication (ssh-agent attaches to your login session, runs in the background and remembers the passphrases to your keys).
$ eval `ssh-agent` $ ssh-add