ssh - Linux

Overview

The SSH (Secure Shell) command in Linux provides a secure method to remotely access the shell of another computer. This command encrypts the connection between the client and server, ensuring privacy and security. It is primarily used for managing systems and applications remotely, executing commands, and transferring files via associated utilities like scp and sftp.

Syntax

SSH command syntax can be simple or complex depending on the use case. Here is the general form:

ssh [options] [user@]hostname [command]
  • user@: specifies the username to log in as on the remote machine.
  • hostname: the server name or IP address of the remote machine.
  • command: an optional command to be executed on the remote server.

Options/Flags

Several options modify the behavior of an SSH connection:

  • -p [port]: Connects to the specified port. The default is port 22.
  • -i [identity_file]: Use the specified file as the identity (private key) for public key authentication.
  • -v: Verbose mode; increases the amount of detail shown during connection negotiation.
  • -o option: Can set specific options in a key-value pair format like StrictHostKeyChecking=no
  • -L [bind_address:]port:host:hostport: Sets up a local port forwarding.
  • -C: Compresses data before sending. Useful in low-bandwidth situations.
  • -X: Enables X11 forwarding.

Examples

Basic Connection:

ssh username@example.com

Specifying a Port:

ssh -p 2222 username@example.com

Running a Command Remotely:

ssh user@example.com "uptime"

Using a Specific Identity File:

ssh -i ~/.ssh/my_key user@example.com

Forwarding Ports:

ssh -L 5900:localhost:5900 user@example.com

Common Issues

  • Permission Denied: Often due to incorrect permissions on the user’s ~/.ssh directory and files. Permissions should be set properly (e.g., 700 for ~/.ssh and 600 for ~/.ssh/authorized_keys).
  • Connection Timed Out: This can occur due to network issues, incorrect IP or hostname, or wrong port if server-side SSH is listening on a non-default port.
  • Host Key Verification Failed: Indicates an issue with the host keys stored in ~/.ssh/known_hosts. This can be resolved by removing the offending key with ssh-keygen -R hostname.

Integration

SSH is often combined with other commands and scripts:

  • Copying Files Securely: Using scp to transfer files securely: 
    scp /path/to/local/file user@host:/path/to/remote/directory
  • Executing Local Scripts Remotely: 
    ssh user@host 'bash -s' < local_script.sh
  • Tunneling for HTTP Traffic: 
    ssh -L 8080:localhost:80 user@webserver
  • scp: Secure copy (SCP) is a means of securely transferring computer files between hosts.
  • sftp: SSH File Transfer Protocol, a secure file transfer protocol.
  • ssh-keygen: Generates, manages, and converts authentication keys for ssh.
  • ssh-add, ssh-agent: Tools for managing SSH keys in a proper session.

For further reading, the official OpenSSH documentation provides comprehensive details.