SSH

From LQWiki
Jump to: navigation, search

SSH is short for Secure Shell. It allows you to execute commands on a remote computer and much more. It uses encryption for the data transfer.

The ssh man page gives you an overview of the capabilities of ssh, as does using SSH on this site.


Using SSH

Main article: Using ssh

1. Type:

# ssh youruser@192.168.0.2

In this case, 192.168.0.2 is your target's IP address, where you have a user youruser. You can also use a hostname, in our examples target instead of an IP address. 1st time you log in to a system a mesage will come up:

 The authenticity of host 'xxxxx' can't be established.
 DSA key fingerprint is 94:68:3a:3a:bc:f3:9a:9b:01:5d:b3:07:38:e2:11:0c.
 Are you sure you want to continue connecting (yes/no)?  <-- type in y for yes or n for no

If you type yes then:

 Warning: Permanently added 'xxxxxxxx' (RSA) to the list of known hosts.

2. Now type in the password

3. If you don't want to log in but you want to execute a command, do this:

# ssh youruser@target date

This will execute the command date as user youruser on the computer target.

You can even run GUI programs with this. For example, if you wanted to run a GUI text editor like kate or a web browser like firefox, try something like this:

ssh -X username@servername firefox

This will cause firefox to load on the remote machine, however the interface will be forwarded to your local machine giving you remote control over an encrypted ssh connection. Pretty cool, huh? ;-) If this doesn't work out-of-box then it probably means that it is turned off in the openssh server configuration.

TroubleShooting

If ssh does not work, you may have switched on the firewall. Make sure your target computer has port 22 open towards your computer:

telnet target 22
Trying 192.168.0.2...
Connected to target.
Escape character is '^]'.
SSH-2.0-OpenSSH_4.6

See also

SSH Client Software

Some implementations for other OS:

  • SSHDOS - client for MS-DOS.
  • PuTTY - client for console access and X-Windows forwarding on Windows.
  • WinSCP [1] - open source SFTP and SCP client.
  • The Cygwin UNIX environment for Windows includes OpenSSH's client and server.

Troubleshooting SSH Connections

Get debug information

SSH clients and servers can generate a lot of debug information.

On the server, kill sshd, and then start the server in debug mode.

$ killall sshd PID
$ /usr/sbin/sshd -ddde

Leave the window open, so you can see the output it generates.

Then on the client, run:

$ ssh -vvv (target-host)

ssh -X does not work

If ssh -X works, but you still do not get the graphical display from your remote machine, check /etc/ssh/sshd_config. There must be a line

X11Forwarding yes

See also

  • Using SSH -- copying files, remoting, clients
  • SFTP - secure file transfer protocol
  • Scp - secure copy protocol
  • Sshd - SSH daemon
  • Tunneling with SSH Using SSH to tunnel TCP connections.
  • autossh SSH Tunnels that won't drop dead.