How to connect to ssh server linux

Connecting to a Remote Server Over SSH on Linux

Estamos traduciendo nuestros guías y tutoriales al Español. Es posible que usted esté viendo una traducción generada automáticamente. Estamos trabajando con traductores profesionales para verificar las traducciones de nuestro sitio web. Este proyecto es un trabajo en curso.

A secure shell (SSH) is used for secure communication between devices. When most people refer to SSH, it is within the context of connecting from a local computer to a remote server, commonly for administration tasks related to website hosting.

This article covers the basics of connecting to a remote server (such as a Linode) over SSH on a Linux system.

Before You Begin

  1. Ensure you have a Linux server with an SSH server (like OpenSSH) installed. Most Linux distributions have an SSH server preinstalled. If you wish to deploy a new server, follow the Creating a Compute Instance guide to create a Linode.
  2. Your local computer needs an SSH client that can be used through a terminal application. Most modern Linux distributions have SSH installed and ready to use.

Open the Terminal

On your local computer, open the terminal application you wish to use. The terminal allows you to access your operating system’s shell environment and run programs through the command line.

If you’re using Linux through the command line, you are already in the terminal and can skip this section. If you are using Linux through a desktop environment (a graphical interface), you’ll need to locate and open the terminal application that comes with your Linux distribution and desktop environment. In most cases, pressing Ctrl + Alt + T on your keyboard opens the default terminal.

  • Gnome: The default terminal emulator is Gnome Terminal. Gnome is the default desktop environment for Ubuntu.
  • KDE: The default terminal emulator is Konsole. KDE is the default desktop environment for Manjaro.

If this key combination does not work for you, other instructions for opening a terminal vary depending on the Linux distribution and desktop environment you are running. In many cases, you’ll want to open the application search tool and search for “terminal”.

Connecting to the Remote Server Over SSH

  1. Within the terminal, enter the following command, replacing [username] with the username of the remote user and [ip-address] with the IP address or domain name of the remote server.

If the server’s SSH port is something other than 22, it needs to be specified in the SSH command. To do this, use the -p option as shown in the command below. Replace [port-number] with the port number that the remote SSH server is using.

The authenticity of host ‘example.com (93.184.216.34)’ can't be established. ECDSA key fingerprint is SHA256:d029f87e3d80f8fd9b1be67c7426b4cc1ff47b4a9d0a84. Are you sure you want to continue connecting (yes/no)?

You can verify the fingerprint by following the instructions on the Verifying the Authenticity of a Remote Server guide.

Читайте также:  Synaptic linux установка пакета

If you recently rebuilt your server, you might receive an error message when you try to connect. This happens when the remote host key changes. To fix this, revoke the key for that IP address.

Warning: Permanently added 'example' (ECDSA) to the list of known hosts.

Once you have successfully connected, your terminal should be using the remote shell environment for the server. Your command prompt should now show the username and hostname configured for the server. You can now run any commands that you have available on that server. This includes many of the basic Linux commands, such as ls , cd , rm , and those covered in Using the Terminal guide. Getting to know these commands will help you navigate around your server.

Ending the SSH Session

After you are done, log out of the session by typing exit . The terminal then shows something similar to:

logout Connection to 93.184.216.34 closed.

At this point, the shell prompt returns to the one for the local workstation and the terminal application can be closed if it’s no longer needed.

Sending Commands Over SSH

Instead of using SSH to open your remote server’s console, you can run commands on your server without leaving your local shell environment. This can enable you to quickly run commands both locally and remotely in the same terminal window.

Sending a Single Command

To run a single command on your remote server, use the following command. Replace [username] with the username of the remote user, [ip-address] with the IP address or domain name of the remote server, and [command] with the command you wish to run.

As an example, running ssh me@192.0.2.0 ls lists all the files in the home directory of the user called me . This can be useful to find the uptime of the server ( ssh me@192.0.2.0 uptime ) or maybe determine its Linux distribution and version ( ssh me@192.0.2.0 lsb_release -a ).

Sending Multiple Commands

To run multiple commands on your remote server (one after the other), use the following command. Replace [command-1], [command-2], and [command-3] with the commands you wish to run.

The commands should be separated by a semi-colon ( ; ) and all of the commands together should be surrounded by double quotation marks ( » ). For example, if you wanted to create a file named bar.txt in a directory called foo within the user me’s home directory, run: ssh me@192.0.2.0 «mkdir foo; cd foo; touch bar.txt .

Using sudo

It’s recommended to disable root access over SSH and only log in to your remote server through a limited user account. However, some commands require elevated privileges, which can usually be accomplished by prepending the command with sudo . If you attempt to do this while running commands directly through the SSH command, you may receive an error such as “no tty present” or there isn’t a “stable CLI interface”. To run the sudo command in these instances, use the -t option, which forces a psuedo-terminal allocation. For example, to update your packages on a Debian-based system, run ssh linode@example.com -t «sudo apt update» .

Читайте также:  Linux ubuntu создать root

Going Further

Troubleshooting SSH Connection Issues

If SSH isn’t connecting you to your Linode, you may need to investigate the state of your server. See the guide Troubleshooting SSH for assistance.

Increasing Security

  • Now that you can connect from your Linux machine to the Linode over SSH, save not only time but also make the connection even more secure by using SSH public key authentication. For more information, see SSH add keys.
  • See the “Harden SSH Access” section of Setting Up and Securing a Compute Instance guide to review how to secure SSH on the server’s side, and the Advanced SSH Server Security for more information on making it even more secure.

This page was originally published on Friday, June 25, 2021.

Источник

How to access remote systems using SSH

The SSH tool allows you to log in and run commands on a remote machine just as if you were sitting in front of it.

Person with a laptop and phone

Red Hat Enterprise Linux (RHEL) is a multitasking operating system that allows multiple users to connect to it. Two or more users connected to the same server at once? How is this possible? There are two forms of access: physical access (standing in front of the server and a keyboard) or remote access (over a network).

Training & certification

In the modern world, where working from home has become prevalent and most organizations use cloud systems, it’s not practical to always be physically at a server to perform an administrative task.

Remote access methods

There are two forms of remote access on RHEL and most Unix and other Linux systems:

  • Secure Shell (SSH) provides a text console on a server, with the option to forward graphics as needed.
  • Virtual Network Computing (VNC) provides a graphical login to a system, with a full desktop in a VNC client.

Both are common, but most sysadmins default to the simplicity, flexibility, and efficiency of SSH.

The OpenSSH suite contains tools such as sshd , scp , sftp , and others that encrypt all traffic between your local host and a remote server.

The sshd daemon, which runs on the remote server, accepts connections from clients on a TCP port. SSH uses port 22 by default, but you can change this to a different port. To initiate an SSH connection to a remote system, you need the Internet Protocol (IP) address or hostname of the remote server and a valid username. You can connect using a password or a private and public key pair. Because passwords and usernames can be brute-forced, it’s recommended to use SSH keys.

For an SSH client and server to establish a connection, the SSH server sends the client a copy of its public key before allowing the client to log in. This process encrypts traffic exchanged between the server and the client.

Install SSH

OpenSSH is usually installed by default on Linux servers. If it’s not present, install OpenSSH on a RHEL server using your package manager, and then start and enable it using systemctl :

[server]$ sudo dnf install openssh-server [server]$ systemctl enable --now sshd

You can then access the server with most terminal applications that support the SSH protocol (GNOME Terminal, Konsole, PuTTY, mobaxterm, and others). Most Linux and macOS systems have the openssh-clients package installed by default. If not, you can install the client on a RHEL system using your package manager:

[server]$ sudo dnf install -y openssh-clients

You can now initiate a connection to the server using the IP or the hostname.

Читайте также:  Windows server 2022 linux

Log in over SSH

To access a server with IP 10.200.1.3 from another Linux system, the syntax is:

For example, to log in as the user tux to a server located at 10.200.1.3:

In instances where SSH runs on a different port, say 2345, specify the port number with the -p option:

[client]$ ssh -p 2345 tux@10.200.1.3

The first time you connect to a remote server, you’re prompted to confirm the system’s identity:

[client]$ ssh tux@10.200.1.3 The authenticity of host '10.200.1.3 (10.200.1.3)' can't be established. ED25519 key fingerprint is SHA256:55ZkHA/4KU7M9B3je9uj8+oOLjFdV0xHxPTjMvCT0hE. Are you sure you want to continue connecting (yes/no/[fingerprint])? 

The fingerprint is a unique identifier for the system you’re logging into. If you installed and configured the system, you may (or may not) have a record of its fingerprint, but otherwise, you probably have no way to confirm whether the fingerprint is valid. The fingerprint is derived from an SSH key located in the /etc/ssh directory on the remote server. That server’s admin can confirm the expected fingerprint using this command on the server:

[server]$ sudo ssh-keygen -v -lf \ /etc/ssh/ssh_host_ed25519_key`

This command extracts a fingerprint from the host’s SSH key, which you can use to check that the server you’re logging onto is the server you expect.

[ Learn why the operating system matters to your IT infrastructure’s foundation. ]

Assuming you’re happy with the fingerprint, type yes followed by the user’s password, and you have access. When using SSH key authentication, there’s no need for a password, and the connection is established. SSH keys help thwart brute-force attacks, and they also prevent you from constantly having to type and retype a password, so they’re the safer option.

Career advice

If a client doesn’t have a copy of the public key in its known_hosts file, the SSH command asks you whether you want to log in anyway. If you do, a copy of the public key is saved in your ~/.ssh/known_hosts file so that the server’s identity can be automatically confirmed in the future. SSH warns you if the server’s fingerprint changes.

Use a remote shell

SSH is a powerful tool for remote access. It allows you to log in and run commands on a remote machine just as if you were sitting in front of it. Many sysadmins use custom prompts for remote machines to avoid confusing a local terminal with a remote one. For instance, you might set the login prompts of remote machines to contain the hostname, use % instead of $ , or use a tool like Starship to manage PS1 for you.

Wrap up

OpenSSH is probably already installed on your Linux systems, but refer to the commands above to install it with your favorite package manager. You may use the default settings, such as port 22, or customize the settings. It’s usually best to use key-based authentication. You have many options to take full advantage of this robust and critical remote administration tool.

Источник

Оцените статью
Adblock
detector