
🔐 The SSH Protocol Suite

🤔 What is SSH?

SSH (Secure Shell) is a cryptographic network protocol used for secure communication over an unsecured network. It provides a secure, encrypted channel between a client and a server, making it the standard for remote administration.

  • Key Features:
    • Encryption: All traffic, including passwords and commands, is encrypted, preventing eavesdropping.
    • Authentication: Verifies the identity of both the user and the server.
    • Integrity: Ensures that the data sent has not been tampered with.
  • Default Port: SSH uses port 22 by default.

💻 Remote Terminal Access Using SSH

SSH allows you to open a command-line interface (a “shell”) on a remote machine as if you were sitting right in front of it.

  • How to Connect: The basic command is ssh username@hostname_or_ip.
  • Example: ssh admin@192.168.1.100
  • First-time Connection: The first time you connect to a new server, SSH will show you the server’s public key fingerprint and ask you to verify it. This is a crucial security step to prevent man-in-the-middle attacks.
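
What the first-connection check compares, as an added example that is not part of the original notes: the SHA256 fingerprint the client prints is the unpadded base64 of the SHA-256 hash of the server's public key blob, and it should equal a fingerprint obtained out of band from the server's administrator. The function names and both sample keys are constructed for illustration.

```python
import base64
import hashlib
import struct

def ssh_string(data: bytes) -> bytes:
    """Encode bytes as an SSH wire-format string (uint32 length + data)."""
    return struct.pack(">I", len(data)) + data

def make_pubkey_line(raw_key: bytes, comment: str = "constructed") -> str:
    """Build an OpenSSH 'ssh-ed25519 <base64> <comment>' line from 32 raw bytes."""
    blob = ssh_string(b"ssh-ed25519") + ssh_string(raw_key)
    return f"ssh-ed25519 {base64.b64encode(blob).decode()} {comment}"

def fingerprint(pubkey_line: str) -> str:
    """Return the SHA256 fingerprint in the form the ssh client displays."""
    key_type, b64_blob = pubkey_line.split()[:2]
    blob = base64.b64decode(b64_blob, validate=True)
    # The blob starts with its own key type; reject lines where they disagree.
    (name_len,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + name_len].decode("ascii", "replace") != key_type:
        raise ValueError("key type does not match key blob")
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def host_key_matches(presented_line: str, trusted_fingerprint: str) -> bool:
    """Compare the key a server presents with a fingerprint obtained out of band."""
    return fingerprint(presented_line) == trusted_fingerprint

# Constructed sample keys (not real host keys).
GENUINE = make_pubkey_line(bytes(range(32)), "server.example")
IMPOSTOR = make_pubkey_line(bytes(range(1, 33)), "server.example")
# Stands in for the fingerprint the administrator published.
TRUSTED_FP = fingerprint(GENUINE)

if __name__ == "__main__":
    for label, line in (("genuine", GENUINE), ("impostor", IMPOSTOR)):
        verdict = "accept" if host_key_matches(line, TRUSTED_FP) else "REJECT"
        print(f"{label:9s} {fingerprint(line)} -> {verdict}")
```

A key that differs in even one byte yields an unrelated fingerprint, which is why comparing the full string (not just the first few characters) matters.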

📂 Transferring Files Using SCP

SCP (Secure Copy Protocol) uses SSH to securely transfer files between a local and a remote computer.

  • Syntax:
    • Upload (local to remote): scp /path/to/local/file.txt username@hostname:/remote/path/
    • Download (remote to local): scp username@hostname:/remote/path/file.txt /local/path/

🔑 SSH Public and Private Keys

Key-based authentication is a highly secure alternative to password-based authentication. It uses a pair of cryptographic keys to verify your identity.

  • The Key Pair:
    • Private Key: This is your secret key. It is stored on your local computer and must be kept absolutely safe.
    • Public Key: This is the “lock.” It is copied to the remote server and can be shared without risk.
  • How it Works: When you connect, the server uses your public key to issue a challenge. Your SSH client uses your corresponding private key to solve the challenge, proving your identity without ever sending your private key over the network.

✈️ Connecting to Multiple SSH Servers (SSH Config File)

Managing connections to many servers can be simplified using an SSH config file, located at ~/.ssh/config on Linux and macOS.

  • The Problem: Remembering different hostnames, usernames, ports, and keys is difficult.
  • The Solution: You create aliases or “shortcuts” in the config file.
  • Example ~/.ssh/config file:
    ~/.ssh/config
    Host work-server
        HostName 10.20.30.40
        User ubuntu
        Port 2222
        IdentityFile ~/.ssh/work_key
    Host home-nas
        HostName nas.local
        User admin
  • Result: Instead of typing the full command, you can now simply connect by typing ssh work-server or ssh home-nas.