SSH

From xotHostWiki
Jump to: navigation, search

Contents

Introduction

Secure Shell (SSH) is a protocol that allows encrypted data exchange between two networked devices.
All the xotHost.com VPSs and Dedicated Servers come with SSH preinstalled, and it is one of the primary and recommended way to connect remotely to your Virtual Machine or Dedicated Server.

Access

To access your xotHost.com server from a Linux or Mac Box, it is straightforward, since the SSH client is installed by default on most Linux distributions, and onMac OS X.
If you access your Virtual Machine from a Windows box, you have to install PuTTY first.

Login

To login on your VPS or Dedicated Server using a Linux or Mac terminal window, issue the following command (for Windows users, use PuTTY):

[user@local-desktop ~]$ ssh user@IP.ADD.RE.SS

(Note that "[user@local-desktop ~]$ " is just the shell prompt, and not part of the commands you type). or, if you have adomain name assigned to that IP address:

[user@local-desktop ~]$ ssh user@example.com
The first time you login to your VPS you will see the following prompt:
The authenticity of host 'example.com (IP.ADD.RE.SS)' can't be established.
RSA key fingerprint is xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx.Are you sure you want to continue connecting (yes/no)?

Answer "yes" (not "y") and then you will see:

Warning: Permanently added 'example.com, IP.ADD.RE.SS' (RSA) to the list of known hosts.
user@example.com's password: [type your remote system's password]
[user@your-VPS ~]$ _

Type "exit" to go back to your local machine. The previous example will log you in on the selected user's home directory. If you want to login directly to your root account, issue the following:

[user@local-desktop ~]$ ssh root@exapmle.com

Please note that Ubuntu servers have the root user disabled by default, so that will not work. In this case, login to your user name, and then usethe sudo command to issue any command that requires super userprivileges. If you wish to access a username on your VPS that is the same username as your client box, this is just enough:

[user@local-desktop ~]$ ssh example.com

To transfer the data compressed (recommended for slow connections):

[user@local-desktop ~]$ ssh -C user@example.com

Using a non-standard port

If your VPS is configured for ssh access using a non-standard port (standard port is 22):

[user@local-desktop ~]$ ssh -p 2223 user@example.com

That's of course, considering that the VPS has been configured for SSH access using port 2223.

Copying files to and from your server

If you wish to copy files from your machine to your server or vice-versa, use the scp command. scp is part of the OpenSSH packageand it is used to copy files between hosts in a network, using ssh for data transfer. Examples:

[user@local-desktop ~]$ scp /home/user/ducky.txt user@example.com:/home/sally/animals

will copy the selected file into the "animals" folder under the user's home folder on the remote server.

[user@local-desktop ~]$ scp dog.odt example.com:/home/user/documents

will copy the dog.odt file to the server's documents folder, assuming that the same username is used in both the local machine and the remote server.

[user@local-desktop ~]$ scp user@example.com:/home/user/animals/tiger.pdf .

will copy the tiger.pdf file from the animals folder in the server to the present directory (please note the . dot at the endo of the command).

SSH Login without a password

Sometimes, you will find annoying the fact that you have to type your password everytime you want to login or transfer a file to your server, and sometimes you will find that you need to access your remote machine from a script in which case you cannot use the password.
For those cases, you can set up ssh keys. The first time you ssh into your server, a .ssh directory will be created on your local machine.
To generate the key on your local machine, use the following command:

[user@local-desktop ~]$ ssh-keygen -t dsa

and you will see the following:

Enter file in which to save the key (/home/user/.ssh/id_dsa): [press enter if you are happy with that default]
Enter passphrase (empty for no passphrase): [Press ENTER to leave it blank]
Enter same passphrase again: [re-enter your passphrase]
Your identification has been saved in /home/user/.ssh/id_dsa.
Your public key has been saved in /home/user/.ssh/id_dsa.pub.
The key fingerprint is: xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx
[user@local-desktop]

Now, copy your generated keys to the remote VPS

[user@local-desktop ~]$ scp ~/.ssh/id_dsa.pub user@example.com:

This copies your key from your local home directory to the VPS's home directory. You will see the following:

user@example.com's password: [your password here]
id_dsa.pub 100% 611 0.6KB/s 00:00

Now, on your server you need to create the ~/.ssh directory if it doesn't exist and insert the key into the authorized_keys file:

[user@local-desktop ~]$ ssh user@example.com
password: [your password here]
Last login: Sat Mar 12 00:18:12 2013 from xx.xxx.xxx.xxx
[user@remote-server ~]$ cat ~/id_dsa.pub >> /home/user/.ssh/authorized_keys
[user@remote-server ~]$ rm /home/user/id_dsa.pub
[user@remote-server ~]$ chmod 600 ~/.ssh/authorized_keys

The last two commands remove the key file and sets the correct permissions for the authorized_keys file. Try leaving your ssh session and logging in again:

[user@remote-server ~]$ exit
[user@local-desktop ~]$ ssh example.com
Last login: Sat Mar 12 00:50:29 2013 from xx.xxx.xxx.xxx

Security concern about key generation without a passprhase

Leaving the passphrase blank when you generate your key on the above example will let anyone with access to your username on your local machine access your remote server without any password. Please do not use this methond on a public computer or if you are sharing your username.
As usual, strong passwords are recommended and that includes your local machine!


Back to Main Page
Go to xotHost.com

Personal tools
Namespaces

Variants
Actions
Navigation
Tools