Introduction

SSH lets you securely connect to another computer over a network. It solves the problem of safely managing remote servers without being physically present.

When you want to log into a remote server to check logs or fix issues.

When you need to transfer files securely between your computer and a remote machine.

When you want to run commands on a remote computer without being there.

When you manage cloud servers and need a secure way to access them.

When you want to set up a secure tunnel for other network services.

Commands

This command starts a secure connection to the remote server at example.com using the username 'user'.

Terminal

ssh user@example.com

Expected OutputExpected

The authenticity of host 'example.com (93.184.216.34)' can't be established. ECDSA key fingerprint is SHA256:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'example.com,93.184.216.34' (ECDSA) to the list of known hosts. user@example.com's password:

This command connects to the remote server on port 2222 instead of the default port 22, useful if the server uses a custom SSH port.

Terminal

ssh -p 2222 user@example.com

Expected OutputExpected

user@example.com's password:

→

-p - Specify a custom port number for the SSH connection

This command creates a new RSA key pair for SSH authentication, which lets you connect without typing a password.

Terminal

ssh-keygen -t rsa -b 2048 -f ~/.ssh/id_rsa

Expected OutputExpected

Generating public/private rsa key pair. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/user/.ssh/id_rsa. Your public key has been saved in /home/user/.ssh/id_rsa.pub. The key fingerprint is: SHA256:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX user@hostname The key's randomart image is: +---[RSA 2048]----+ | .o+*o. | | . +oo. | | . + +. | | o + | | . o S | | . . | | | | | | | +----[SHA256]-----+

→

-t - Specify the type of key to create (rsa)

→

-b - Set the number of bits in the key (2048 bits)

→

-f - Specify the filename to save the key

This command copies your public SSH key to the remote server, enabling passwordless login.

Terminal

ssh-copy-id user@example.com

Expected OutputExpected

Number of key(s) added: 1 Now try logging into the machine, with: "ssh user@example.com" and check to make sure that only the key(s) you wanted were added.

Now you connect again, but this time it uses your SSH key for authentication, so you won't need to enter your password.

Terminal

ssh user@example.com

Expected OutputExpected

Welcome to Ubuntu 22.04 LTS (GNU/Linux 5.15.0-50-generic x86_64) Last login: Tue Jun 6 10:00:00 2024 from 192.168.1.100 user@example:~$

Key Concept

If you remember nothing else from this pattern, remember: SSH lets you securely connect to and control a remote computer using a username and password or keys.

Common Mistakes

Trying to connect without the correct username.

The server won't recognize you and will deny access.

Always specify the correct username with ssh user@hostname.

Not adding the remote server's key to known hosts when prompted.

SSH will refuse to connect or warn you about security risks.

Type 'yes' to accept and add the server's key the first time you connect.

Not generating or copying SSH keys before trying passwordless login.

You will still be asked for a password every time.

Generate SSH keys with ssh-keygen and copy them with ssh-copy-id before connecting.

Summary

Use ssh user@hostname to start a secure remote connection.

Generate SSH keys with ssh-keygen to enable passwordless login.

Copy your public key to the server with ssh-copy-id for easier access.