What is SSH?
Below are the main features that make the SSH protocol so popular and trustworthy.
1: Encryption - SSH uses an encryption algorithm to encrypt data before sending it to the remote machine. It creates an encrypted session before communication starts.
2: Authentication - Before sending data or establishing communication, SSH ensures that only an authentic user/machine can communicate and no one else can pretend to be the user/host machine.
3: Integrity - SSH is also responsible for data integrity, so no one can tamper with the data during an active session.
Usage:
1: Secure Remote Login
2: Secure X11 Session
3: Secure File Transfer Protocols (SCP, SFTP, RSYNC, FISH)
4: Securely Execute Single Commands On A Remote Machine
5: TCP Port Forwarding
6: Secure Tunneling
7: Key-Based Auto Login
8: Secure VPN and Proxy (e.g. SOCKS)
What are SSH Keys?
SSH keys are cryptographic credentials used to authenticate a machine or user so that it can access a remote machine over a network securely. When an SSH key pair is generated, the public key should be copied to the machine we want to log in to through SSH.
Below are the reasons why we need SSH keys for remote authentication.
1: Repetitive Logins To A Server
2: Automation Jobs Which Required Authentication
3: Authenticate User In More Secure Way
Important SSH Commands
Note: At any time, see the man pages for help using the "man ssh" command. To log in to a remote machine you can enter either the hostname or the machine's IP.
1: Log in to a remote machine using the current login user credentials of the local machine
ssh ip
2: Log in to a remote machine using an existing user account on the remote machine
ssh user@ip
3: Log in to a remote machine on a different SSH port number
ssh -p port_number user@ip
4: Generate an SSH public and private key pair with the default algorithm.
ssh-keygen
5: Generate an SSH public and private key pair using a specific algorithm (e.g. RSA, ECDSA, DSA, MD5)
ssh-keygen -t rsa
6: Copy the SSH public key to the remote machine.
ssh-copy-id user@hostname
7: Copy the SSH public key to the remote machine by specifying its path.
ssh-copy-id -i ~/.ssh/id_rsa.pub user@hostname
8: Enable X11 forwarding.
ssh -X user@ip
OR
ssh -Y user@ip
Note: The X Window System should be installed on the remote machine. Run the command below to install it.
yum group install "X Window System"
9: Execute a single command on the remote machine without logging in to it.
ssh user@ip command
10: Force users to run only a specific command: open the ~/.ssh/authorized_keys file on your SSH server and add the text below before the start of your key, e.g. before ssh-rsa.
command="/usr/bin/top"
Example:
Note: You can have only one command per key, because the command is "forced". If you want to allow the user to execute multiple commands, you have to create either a bash script or a wrapper with a list of allowed commands and specify that script in ~/.ssh/authorized_keys.
For more information on this, please refer to this Stack Overflow post
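One way to write the wrapper described in the note above, as an added example that is not code from the original post. The install path /usr/local/bin/ssh-allow.sh, the --enforce argument and the allow list are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: forced-command wrapper with an allow list.
# Assumed install path: /usr/local/bin/ssh-allow.sh (hypothetical).
# authorized_keys line on the server (key is a placeholder):
#   command="/usr/local/bin/ssh-allow.sh --enforce",from="127.0.0.1" ssh-rsa <PUBLIC_KEY> user@client

# Exact command lines this key may run, one per line (constructed sample list).
ALLOWED='uptime
df -h
/usr/bin/top -b -n 1'

NL='
'

# is_allowed CMD: succeed only if CMD equals one allow-list line exactly.
is_allowed() {
    case "$1" in
        # Empty request (interactive login) or embedded newline. A newline
        # would make grep treat the request as several alternative patterns.
        ''|*"$NL"*) return 1 ;;
    esac
    # -F: literal match, -x: whole line, so "uptime; id" or "df" do not match.
    printf '%s\n' "$ALLOWED" | grep -Fxq -- "$1"
}

# run_forced CMD: run CMD if allowed, otherwise refuse with status 1.
run_forced() {
    if ! is_allowed "$1"; then
        echo "rejected: ${1:-<no command>}" >&2
        return 1
    fi
    # Split the vetted string on whitespace only; no eval and no globbing,
    # so shell metacharacters are never interpreted.
    set -f
    set -- $1
    set +f
    "$@"
}

# sshd puts the command the client asked for in SSH_ORIGINAL_COMMAND.
if [ "${1:-}" = "--enforce" ]; then
    run_forced "${SSH_ORIGINAL_COMMAND:-}"
    exit $?
fi
```

A forced command does not by itself disable port forwarding for that key; the restrict option in the same authorized_keys options list does.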
11: Allow only a specific local machine to access the remote machine: add the line below before ssh-rsa in the remote machine's ~/.ssh/authorized_keys.
from="127.0.0.1"
Example: