Secure Shell (SSH) is a protocol that allows encrypted data exchange between two networked devices.
All the xotHost.com VPSs and Dedicated Servers come with SSH preinstalled, and it is one of the primary and recommended way to connect remotely to your Virtual Machine or Dedicated Server.
To access your xotHost.com server from a Linux or Mac Box, it is straightforward, since the SSH client is installed by default on most Linux distributions, and onMac OS X.
If you access your Virtual Machine from a Windows box, you have to install PuTTY first.
To login on your VPS or Dedicated Server using a Linux or Mac terminal window, issue the following command (for Windows users, use PuTTY):
[user@local-desktop ~]$ ssh user@IP.ADD.RE.SS
(Note that "[user@local-desktop ~]$ " is just the shell prompt, and not part of the commands you type). or, if you have adomain name assigned to that IP address:
[user@local-desktop ~]$ ssh firstname.lastname@example.org The first time you login to your VPS you will see the following prompt: The authenticity of host 'example.com (IP.ADD.RE.SS)' can't be established. RSA key fingerprint is xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx.Are you sure you want to continue connecting (yes/no)?
Answer "yes" (not "y") and then you will see:
Warning: Permanently added 'example.com, IP.ADD.RE.SS' (RSA) to the list of known hosts. email@example.com's password: [type your remote system's password] [user@your-VPS ~]$ _
Type "exit" to go back to your local machine. The previous example will log you in on the selected user's home directory. If you want to login directly to your root account, issue the following:
[user@local-desktop ~]$ ssh firstname.lastname@example.org
Please note that Ubuntu servers have the root user disabled by default, so that will not work. In this case, login to your user name, and then usethe sudo command to issue any command that requires super userprivileges. If you wish to access a username on your VPS that is the same username as your client box, this is just enough:
[user@local-desktop ~]$ ssh example.com
To transfer the data compressed (recommended for slow connections):
[user@local-desktop ~]$ ssh -C email@example.com
Using a non-standard port
If your VPS is configured for ssh access using a non-standard port (standard port is 22):
[user@local-desktop ~]$ ssh -p 2223 firstname.lastname@example.org
That's of course, considering that the VPS has been configured for SSH access using port 2223.
Copying files to and from your server
If you wish to copy files from your machine to your server or vice-versa, use the scp command. scp is part of the OpenSSH packageand it is used to copy files between hosts in a network, using ssh for data transfer. Examples:
[user@local-desktop ~]$ scp /home/user/ducky.txt email@example.com:/home/sally/animals
will copy the selected file into the "animals" folder under the user's home folder on the remote server.
[user@local-desktop ~]$ scp dog.odt example.com:/home/user/documents
will copy the dog.odt file to the server's documents folder, assuming that the same username is used in both the local machine and the remote server.
[user@local-desktop ~]$ scp firstname.lastname@example.org:/home/user/animals/tiger.pdf .
will copy the tiger.pdf file from the animals folder in the server to the present directory (please note the . dot at the endo of the command).
SSH Login without a password
Sometimes, you will find annoying the fact that you have to type your password everytime you want to login or transfer a file to your server, and sometimes you will find that you need to access your remote machine from a script in which case you cannot use the password.
For those cases, you can set up ssh keys. The first time you ssh into your server, a .ssh directory will be created on your local machine.
To generate the key on your local machine, use the following command:
[user@local-desktop ~]$ ssh-keygen -t dsa
and you will see the following:
Enter file in which to save the key (/home/user/.ssh/id_dsa): [press enter if you are happy with that default] Enter passphrase (empty for no passphrase): [Press ENTER to leave it blank] Enter same passphrase again: [re-enter your passphrase] Your identification has been saved in /home/user/.ssh/id_dsa. Your public key has been saved in /home/user/.ssh/id_dsa.pub. The key fingerprint is: xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx [user@local-desktop]
Now, copy your generated keys to the remote VPS
[user@local-desktop ~]$ scp ~/.ssh/id_dsa.pub email@example.com:
This copies your key from your local home directory to the VPS's home directory. You will see the following:
firstname.lastname@example.org's password: [your password here] id_dsa.pub 100% 611 0.6KB/s 00:00
Now, on your server you need to create the ~/.ssh directory if it doesn't exist and insert the key into the authorized_keys file:
[user@local-desktop ~]$ ssh email@example.com password: [your password here] Last login: Sat Mar 12 00:18:12 2013 from xx.xxx.xxx.xxx [user@remote-server ~]$ cat ~/id_dsa.pub >> /home/user/.ssh/authorized_keys [user@remote-server ~]$ rm /home/user/id_dsa.pub [user@remote-server ~]$ chmod 600 ~/.ssh/authorized_keys
The last two commands remove the key file and sets the correct permissions for the authorized_keys file. Try leaving your ssh session and logging in again:
[user@remote-server ~]$ exit [user@local-desktop ~]$ ssh example.com Last login: Sat Mar 12 00:50:29 2013 from xx.xxx.xxx.xxx
Security concern about key generation without a passprhase
Leaving the passphrase blank when you generate your key on the above example will let anyone with access to your username on your local machine access your remote server without any password. Please do not use this methond on a public computer or if you are sharing your username.
As usual, strong passwords are recommended and that includes your local machine!