$Id: secureshell.php 298 2009-12-30 01:53:00Z gjb $

`ssh`

Secure Shell (ssh) is a widely used UNIX tool to manage remote servers over a secured connection. Typically, the syntax is:

ssh username@remoteserver

However, ssh is a highly versatile tool. For example, if you ran the ssh daemon (or background process) on a port other than the default (22) -- let's s ay 8800 -- you would execute the following command:

ssh -p 8800 username@remoteserver

Another useful feature that ssh is capable of is "passwordless authentication." To do this, you have to:

Generate a private SSH key pair
Upload the public key to the server
Test it

First, generate the key:

ssh-keygen -t rsa

*To generate a 'passwordless' key, do not enter anything when prompted for a password. (This typically is not recommended, however I use passwordless SSH for my rsync tutorial). Just press [Enter]. For a complete list of the ssh-keygen parameters, ie., number of bytes the key should contain, 'man ssh-keygen'.

Next, upload the key to the server. I do this a few different ways, typically.

fish:// protocol (included in KDE's Konqueror)
Screen sessions (using copy/paste -- although my reason for using 'screen' is explained next)

I use 'screen' to test the SSH key for a very good reason -- the chance of getting locked out of the server. Let's face it. Weird things happen. That includes corrupt file transfers. If you upload the key using the ssh protocol alone (which is possible), and the file is corrupt in transit, there is a (slight) chance of locking yourself out of your server. That would be bad.

So now, copy the information to the remote server:

cd ~/.ssh
less id_rsa.pub

The information starting with "ssh-rsa" to "username@host" all has to be copied to the server's ~/authorized_keys file. If you would rather append a key (if you wanted more than one passwordless client), copy the file as a different filename, for example, my_key, and on the server, run:

cd ~/.ssh
cat my_key >> authorized_keys

sysadmin

${USER}

misc

`ssh`