There are already a lot of guides and tutorials about what SSH is and how to use it on Linux servers, but unfortunately a lot of it is written in technical jargon. This can easily confuse less experienced persons trying to manage their server while it is basically a very simple and useful technologie.
In this guide I will try to learn you the SSH basics. What does SSH stand for and what is it exactly? What is an SSH server? What is an SSH client? What can you do with SSH (i.e. syntax)? What can you do to secure it?
What is SSH?
SSH stands for Secure SHell and is a protocol used to give a robust and secure way to control another computer (including servers) remotely via the command line. It is an essential tool to master as a system administrator and is really useful for taking control of things like web servers.
It is the most common way to access remote Linux and Unix-like servers, such as VPS instances. If you order hosting from a hosting company, sometimes even with shared hosting, you get a fixed IP address and SSH access which allows you to take control of the server using the command line. In this guide I will help you accessing your system remotely with SSH.
An SSH client is software installed on your computer. It is used to send messages to the SSH server which is installed on the remote computer (such as the webserver or VPS). In normal circumstances a valid SSH server is already running on a new machine with Ubuntu. This is called Open SSH on Ubuntu. If not, you can try starting the SSH server by accessing the server locally or via the console (if provided by your hosting provider). You can start the SSH server with this command:
sudo service sshd start
If you do not have an SSH server installed already you will need to install it on the remote server. If you do not have access to the remote computer, simply contact your host to install an SSH server. This shouldn’t be that much trouble as the terminal command to do this is the following:
sudo apt-get install openssh-server
On Windows I highly suggest that you use PuTTY as an SSH client. PuTTY is a client program for SSH (among other things) and gives a neat little interface for making SSH connections. It has been around for ever and can also be used on Windows without installation (just runs as a .exe).
Macintosh computers have an application installed called “Terminal”. This is built-in the Mac OS. You can search for it or find it in the “Utilities” folder under “Applications”.
The command you’ll need to use to connect to the remote server in unsurprisingly ssh. To login in to your remote server you can use the command:
Simply enter your username (or root to login as root) and the remote_host (this can either be the domain name or the IP address). Once you have connected to the server, you will probably be asked to verify your identity by providing a password. Now you are successfully connected to your server!
If you want to exit the server and go back to your local session you can simply type:
Optional: securing SSH
While I highly recommend the following step to secure your server, it is optional. The standard SSH port is 22 and there are a lot of bad people trying to brute force they way in through that port. You can easily change the port to another number to secure your server. I will show you how to login with this new port at the end. First of all, let us go ahead and open up the SSH configuration file to change the port.
sudo nano /etc/ssh/sshd_config
So by default the SSH port is 22. You can change this to any integer between 1025 and 65536. In this example I am using 9999. Do not forget this number. Of you do it may lock you out of your server completely. You will need it to log in in the future. Doing this change will make a lot more difficult for unauthorized people to access your server.
Save and exit the file. Reloading SSH is necessary to implement the new port and settings.
sudo reload ssh
Do not close the terminal window just yet. Just to make sure that everything got implemented correctly, open up a new terminal window and log in again using the following command. You’ll notice that we now need to specify the SSH port (with -p).
ssh -p 9999 username@remote_host
If everything went right, you are now connected to your server via the port you have chosen.
SSH is one of the most commonly used protocols. You can use it to access files, edit files, make backups, manage databases, monitor your server, install updates and upgrade, install software,… Learning your way around SSH is a worthwhile pursuit, if only because it is such a common activity.
As you utilize the various options, you will discover more advanced functionality that can make your life easier. SSH has remained popular because it is secure, light-weight, and useful in diverse situations.