How to open an SSH connection with openSSH

So I’ve been having an issue with my laptop. I want to submit a bug report but the logs are a mass of complexity I don’t want to get familiar with (yet). If only there was a way to log in to a shell on a computer while it is running without having to use the windowing or the computer itself…

Enter SSH (Secure SHell). SSH allows you to open a shell process on a host remotely. It’s frequently used for remote admin work, but also for the plucky home repairman. Because anyone with an SSH connection to a host can do pretty much whatever they want — given they can get root access — SSH creates security issues for the owner of the system. Hence, SSH is not usually immediately installed or enabled on most *NIX operating systems. There is an easy way to enable this on OSX and on a linux system (ubuntu 15.10, here). This guide is for the ubuntu user. For the server process:

sudo apt-get install openssh-server

If you’re simply trying to open a connection:

sudo apt-get install openssh-client

To configure your server process, first make a read-only copy of /etc/ssh/sshd_config:

sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.factory-defaults
sudo chmod a-w /etc/ssh/sshd_config.factory-defaults

Open sshd_config with your text editor of choice. Here, you can change the port that the ssh server connection is open on, how to authenticate connections, and display a banner on login (actually very helpful). One security step will make your ssh server drastically more secure is to edit the field PasswordAuthentication to no and instead change or create the PubKeyAuthentication field to yes. Then update or create RSAAuthentication to yes. To save changes:

sudo service ssh restart

If you use RSA authentication, you need to create the public and private keys, store them in a password protected directory and then share them with the host you wish to connect with. There is a whole step here where you need to discover the host with the client system that is another layer of complexity, so I’m going to assume from here out that your client system knows has discovered the server process. If you want to know more, I recommend using nmap.

On the client system:

mkdir ~/.ssh
chmod 700 ~/.ssh
ssh-keygen -t rsa

RSA keys are defaulted to 2048 bits. If you wish to have a 4096 bit key, use:

ssh-keygen -t rsa -b 4096

Then you need to share your key with the server process:

ssh-copy-id <username>@<host>

Where <username> is the account you want to login to and <host> is the hostname (what you named your computer when you installed your os. This can take a second (anything that is not over LAN can take a while). Then, opening an ssh connection (given your client has discovered the host), is as simple as:

ssh <username>@<host>
One clap, two clap, three clap, forty?

By clapping more or less, you can signal to us which stories really stand out.