Should I learn about SSH?

Zayn Jarvis
Sep 6, 2018 · 3 min read
It is really easy to create a ssh connection.

TL;DR => Learn to and always use SSH

Use case: GitHub, Remote Machine Connection, Remote PC connection.

OS spec: pre-installed in Linux and MacOS, Windows may need to download OpenSSH


What is SSH

Secure Shell

It adds a private key in your ~/.ssh folder ( not necessarily but preferably ) and adds a public key in the remote machine ~/.ssh folder. They are the only key-value pair. The machine (usually PC or laptop ) which store the private key will have the access to the server ( sometimes can be PC ) which restores the public key. Any machine can have multiple private/public keys to connect/ be connected to different devices.

File content

Private key looks like this (default: id_rsa)

-----BEGIN RSA PRIVATE KEY----- MIIEpAIBAAKCAQEAzDJo2j9EXKvx/J7KNyRUYobHMRZfndBjVaWWXuaEzT+fuUvu dB/5BjtlDt2BS3CNEiZ1wp4zOTt5mFbf6AMDRfJH2smv4rKk85s8PsmmSh+FVQ4F Q53iLDi+v3Cy0JXYgiugNLLOpg1xBC+CboFgKZ2q0uEhgI6CuLZNdRDc7gSp6viy zSJ7CRltK7aYDR+NcKubFGeWeScwcPCD/y3ejxJoLSKHpJ4G12W57SMM6d8l0d5o QzmycSz9ClAFIvecWpqRZ9/ah7Pm0Ohnxa6f0/SogO1ZQtnr+eyo43ehA42LX/uy LSVIBFFMS6dwgahmUED0AFHYKxdptCfAzNECswIDAQABAoIBAQColkXzSqDKUjvr 8b3KYPg6kEQMxwgSZ2Zb4+aOW4vxWUIp3gL1ZSBYgNkiuMZy3m3aOl6nW6225t+x YqhiCXq+WRXyEOpiJFQDvHq07A+aywNuAbFe7g85q2/w5r77b3vdnN8cIzRx7E8O wZrSWYZnVYEfsjfSx9YtYnX43P9Kkp2TnIO1OxWSU67aj5HRSU1nF1lQuZFpIpP6 qYFaHWBCKQRAMKGd+XRzoj1TDMCwSdofF6dDkNWXJ5Yhe1Ucu/W30j90VEyuZ75o WVJavQx4nETtxiNJnDl+GqPTgSDvqROibFY6JsaIybm6KEO44HMwGN43rx4j1FVA 7JVcjrbhAoGBAOgUBcw6+1EdPcUbuSczyO9XkXAnDxH0j8JRCylGs6Dw2idCx/iC 3HUsilvIVf/ng2eCLPTgDTKayBx98MMXxcB89DF8KlF8btcY+WfLiFHA4oX9taTW 51A5mzjBvTYGBH7a/vasx5Fk/rddF0Jo4v6mQ5oVJ/QKGX5HPA6pI+DPAoGBAOE+ qt/6CeRr7/BJ++f1p4wskpYUrWytrZE5jST0x2f0qeMxTMEQGne8H2/VJ37DXRNg DhP4fhR+icGQF+q96x/FKTUZlbLRYDcQOHRUFaeVGg6hrCo2d7aE7jRbKVEnY19R uCA1iAusgxzfHGMoSfTEXvmWUOf07CmqCkSdRRDdAoGAQV7Cc1B50dNGvuqcMKqp gqFL2idmW0xj4fwqBKphlofBKyXoZddDsdjiOhAUCU0Q+mr0dtVVYleu3jerRYjA rwODVR0AXouKPRRPzCjMcRq/s7ZPH+tYpIRVcJtBzKHNSl4tSxZH8HBePw/9qTsa FViH2jLzWg4uOB+gjxCdhokCgYEAmcf3UcOcTV+ECUH5wnxtT75+tgiX/sL05Vmt i7WzDr5z3rEh/g3IhEbkD64vsNQhD8Fc2zWknslls8l1CsdvZ9lsMNyu388jKXTh lkpyHmAl0id/K7LUOMC5APXcV5PUvJdGZncl0xKM0YFiGDDBjWMklLKTukn1ktyM 9huJs+ECgYBchjGNc5LlKtCYoDxO3KfsStR9Gt2/cQEvOvnXO4iWBtppmWTgDop5 hwzCGhWxBNnWWfGDV69zfNS2EFfN9LzL3d2NF7Ew8Dd5c4dPs/XDz6DjahmN554D mBa2qPAWtG8E2dZyTAlk9s2WNmiEfDLH6dQ/Jup6edXXDQaOaF9oZg== -----END RSA PRIVATE KEY-----

Public Key looks like this (default: id_rsa.pub)

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDMMmjaP0Rcq/H8nso3JFRihscxFl+d0GNVpQZe5oTNP5+5S+50H/kGO2UO3YFLcI0SJnXCnjM5O3mYVt/oAwNF8kfaya/isqTzmzw+yaZKH4VVDgVDneIsOL6/cLLQldiCK6A0ss6mDXEEL4eugWApnaDDSSGAjoK4tk31ENzuBKnq+LLNSnsJGW0rtpgNH41wq5sUZ5Z5JzBw8IP/Ld6PEmgtIoekngbXZbntIwzp3yXR3mhDObJxLP0KUAUi95xampFn39qHs+bQ6GfFrp/T9KPA7VlC2ev57Kjjd6EDjYtf+7ItJUgEUUxLp3CBqGZQQPQAUdgrF2m0J8DM0QKz zaynjarvis@gmail.com

Working Principle

When the public key is added to ~/.ssh/authorized_keys The computer configured with the corresponding private key will gain the connection access. No matter the SSH authorization is correct or not, a new file know_hosts will be added to the requesting device ( as in contrary with the server, which receives access application ) in ~/.ssh/ folder. ( This is file ~/.ssh/known_hosts ) If the connection is successful, the authorized machine will not be asked to check for entering access code again, else the machine will be blocked until the line containing the false connection info in the know_hosts is being deleted.

How to use

  • generate SSH key pair in local machine
ssh-agent
  • To open an SSH channel Run this line of code when start-up. ( How to make this step auto see Recommend settings. )
ssh-keygen -t rsa -b 4096 -C "<IDENTITY>"
  • -t: tag, what kind of encryption to use (use rsa as the general case ) -b: byte how long the encryption code is (use 4096 as general ) -C: Identity (as in my case, not quite useful, please investigate on this)
  • Prompt to specify the file location and name (suggest: ~/.ssh/ )
  • Either copy or upload the public key(e.g. id_rsa.pub ) to the website which asks for SSH connection
  • Configure SSH private key
  • For example
ssh-add id_rsa
  • Connect Server
ssh <username>@<server-ip>

Usually, the username is root.


Recommended setting

  • add these line of code to either ~/.profile or ~/.bash_profile
eval $(ssh-agent)
ssh-add ~/.ssh/<NAME>
clear

( Investigate why use eval )

MacOS user can use ssh-add -K ~/.ssh/<NAME> to add an SSH identity permanently. Windows with OpenSSH should behave the same, comment below if encountering problems. Resource

  • add server IP to /etc/hosts (as in Mac and Linux, investigate where is hosts in Windows) e.g.
123.456.78.90       server

The space in middle is a tab \t

  • Connect with a server using its alias name
ssh root@server

Bonus

With SSH, use SCP for file transfer instead of ftp

scp root@server:~/<folder>/<file> ~/<local-folder>/

Resources

First goal: Get rid of HTTPS clone.

Hope this helps.


Originally published at gist.github.com.

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade