What is SSH and how do you use it?
For any systems administrator, the ability to log into a remote server or desktop is crucial.
17:07 25 November 2019
Without the ability to do so, anyone needing to work on a remote machine would be out of luck. But how do administrators log into those remote machines?
Once upon a time, the telnet and rlogin tools were used for remotely logging into servers. These were incredibly easy-to-use tools that gave administrators a simple route to remote login. After years of usage, it was finally discovered that both telnet and rlogin were terribly insecure.
When using either telnet or rlogin, data was sent in plain text, with no form of encryption available. That meant anyone with the skill could listen in on the data packets being sent and read them. The thing is - no administrator should be willing to transmit unencrypted data over the internet.
Because of the dramatic lack of security in these two protocols, a new protocol was necessary. Enter Secure Shell, aka SSH.
What Is SSH?
SSH is a network protocol capable of transmitting encrypted data over unsecured networks. SSH is a command-line tool that uses public-key cryptography as a means to authenticate users from one machine to the next. This became a boon for remote administrators as well as QA testing services needing reliable, secure remote access to servers and desktops.
The first iteration of SSH, SSH-1, was developed in 1995 by Tatu Ylönen, a researcher at Helsinki University of Technology, Finland. The creation of SSH-1 was prompted by a password sniffing attack on the Helsinki University network. The goal was to replace a number of networking protocols (telnet, rlogin, FTP, and rsh) with one that offered exponentially stronger security.
Soon after Ylönen created SSH-1, he founded SSH Communications Security, which served as a marketing tool for his SSH protocol.
In 2006, a new iteration of SSH, SSH-2, was developed by the Internet Engineering Task Force (IETF). The new version was incompatible with the original and offered numerous security enhancements and features.
Back in 1999, a group of developers wanted an open source version of SSH, so they took up version 1.2.12 of SSH and released OpenSSH. As of 2005, OpenSSH is the most popular of all the SSH iterations.
How Is SSH Used?
In order for SSH to work, there must be a server and client. The server runs on the remote machine and accepts incoming connections on the default port 22. The client is any piece of software capable of making a connection to the SSH server. Examples of clients include:
- OpenSSH client for both Linux and macOS
- PuTTY (one of the most popular Windows GUI clients for SSH)
- Snowflake SSH (a new SSH GUI for Linux)
- Termius SSH (a mobile app for Android and iOS)
With SSH on both the client and server, it is then possible to log into the remote server by issuing a command on the client like this:
ssh USER@SERVER_IP
Where USER is a remote username and SERVER_IP is the IP address of the server. You will be prompted for the remote user’s password. Upon successful authentication, you’ll be logged in and can start working.
One very good reason why SSH is so popular is its ability to use public-key authentication. How this works is simple. You create an SSH keypair with a strong password on the client side. You then copy the public key from that pair to the remote server. At that point, the only way anyone can log into that remote server with your username is if they have the private key from that pair.
Of course, that means you must create the keypair. Believe it or not, that’s a simple task. To do this you would log onto the client and, assuming you’re working on Linux, issue the command:
ssh-keygen
You will be prompted for a location to save the key and then type/verify a password. Make sure to use a strong and unique password for your keypair.
Once you’ve generated your keypair, you must copy the public key to the remote server. Fortunately, SSH has a built-in tool that can handle this task. To send the public key to the server, issue the command:
ssh-copy-id USER@SERVER_IP
Where USER is the remote username and SERVER_IP is the IP address of the remote server.
With this taken care of, you will always be prompted for your SSH key authentication passphrase and not your user password. This is a much more secure way to use SSH over regular password authentication.
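What the key-copy step leaves behind on the server can be reproduced locally. The following is an added example, not part of the original article: install_pubkey is a hypothetical helper, the key line is a constructed sample rather than a real key, and a temporary directory stands in for the remote user's home.

```shell
#!/bin/sh
# install_pubkey PUBKEY_FILE HOME_DIR  (hypothetical helper, added example)
# Appends a public key to HOME_DIR/.ssh/authorized_keys with owner-only
# permissions. Returns 1 if the file is not an OpenSSH public key.
install_pubkey() {
    pubkey_file=$1
    home_dir=$2

    # Only the public half of the pair should ever leave the client.
    if grep -q 'PRIVATE KEY' "$pubkey_file"; then
        echo "refusing: $pubkey_file looks like a private key" >&2
        return 1
    fi
    # A public key line starts with its type, then the base64 key data.
    if ! grep -Eq '^(ssh-(ed25519|rsa)|ecdsa-sha2-[a-z0-9-]+) [A-Za-z0-9+/=]+' "$pubkey_file"; then
        echo "refusing: $pubkey_file is not an OpenSSH public key" >&2
        return 1
    fi

    # With its default StrictModes setting, sshd rejects key files that
    # other users could write to, so keep both owner-only.
    mkdir -p "$home_dir/.ssh"
    chmod 700 "$home_dir/.ssh"
    auth="$home_dir/.ssh/authorized_keys"
    touch "$auth"
    chmod 600 "$auth"

    # Append only if this exact key line is not already present.
    key_line=$(head -n 1 "$pubkey_file")
    grep -qxF -e "$key_line" "$auth" || printf '%s\n' "$key_line" >> "$auth"
}

# Constructed sample input (not a real key); demo_dir stands in for the server.
demo_dir=$(mktemp -d)
printf '%s\n' 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConstructedSampleNotARealKey olivia@client' \
    > "$demo_dir/id_ed25519.pub"
install_pubkey "$demo_dir/id_ed25519.pub" "$demo_dir/home"
install_pubkey "$demo_dir/id_ed25519.pub" "$demo_dir/home"   # repeat adds nothing
echo "keys installed: $(wc -l < "$demo_dir/home/.ssh/authorized_keys")"
ls -ld "$demo_dir/home/.ssh" "$demo_dir/home/.ssh/authorized_keys"
```

Running it twice on the same key leaves a single line in authorized_keys, and a file containing a private key is refused before anything is written.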
SSH also usurped the old FTP protocol for file transfer. Along with SSH comes the scp (secure copy) command. With this command you can send files to and from a remote machine, using the same level of secure encryption found with SSH.
By employing scp, you make it easier for software QA outsourcing and other third-party entities to send and receive files directly to your servers and desktops.
The scp command has a syntax that does require some getting used to. Say you have a file named test on your local drive, and you want to send that file to a server with the IP address of 192.168.1.19 and save it in /some/remote/directory. To do that, the command would be:
scp test USER@192.168.1.19:/some/remote/directory
You will be prompted for either your remote user password or the SSH key authentication password. Once authenticated, the file will be sent to the remote directory.
What if you wanted to retrieve that test file from the remote machine to your local drive? That can be done with the command:
scp USER@192.168.1.19:/some/remote/directory/test /home/olivia/Documents/test
It is imperative that every system administrator gets up to speed with SSH. If you want to log into remote servers and desktops, SSH should be considered the go-to option.