Overview of SSH to interact with Remote Servers (PART-II)
This article covers SSH concepts such as the SSH daemon, updating ssh config files, and restarting sshd using the systemctl or service commands. You will also go through the details of passwordless login and the ability to run commands remotely via ssh. This is a continuation of PART I.
Let’s get started.
Overview of SSH Daemons on Remote Servers
The Secure Shell Daemon process (SSH daemon or sshd) is the OpenSSH server process. It listens for incoming connections using the SSH protocol and acts as the server for the protocol. It handles user authentication, encryption, terminal connections, file transfers, and tunneling. sshd is a background process.
For the local host to connect to the remote machine, an ssh daemon process has to be running on the remote machine.
In the Lucid diagram, you can see sshd running on both of the instances that are created, which is why the local host is able to connect to these two instances via ssh.
Connect to the virtual machine by using the following command:
ssh -i ~/gsdemo.pem ubuntu@ec2-18-232-139-1.compute-1.amazonaws.com
In the above command, ~/gsdemo.pem is the pem file and its location, ubuntu is the user, and ec2-18-232-139-1.compute-1.amazonaws.com is the IPv4 DNS of the instance.
The user that is used to log in is ubuntu, which is a superuser on this machine.
Use the command sudo su - root to switch to the root user. root is the super admin in Linux-based operating systems.
Once you connect to a system as root, you can monitor everything on the system and access all of its files.
To understand the daemon process that is associated with ssh, use the following command: service sshd status
As you can see, sshd is up and running: the status is running, and you can also see additional details about sshd.
This is the daemon process that runs all the time in the background on Ubuntu-based virtual machines. Without this process being active you won't be able to connect to this EC2 instance.
Experiment with sshd by stopping the sshd process and validating whether the local host can still connect to the instance.
For that, you should be logged in as root on the virtual machine and use the following command: service sshd stop
Open a new ubuntu terminal and type the command,
ssh -i ~/gsdemo.pem ubuntu@ec2-18-232-139-1.compute-1.amazonaws.com
As you can see below the Connection is refused as the sshd process is stopped.
You can also validate from the PC whether the ssh process is available on the virtual machine at this time by using a very useful command, telnet.
Use the following command:
telnet ec2-18-232-139-1.compute-1.amazonaws.com 22
Here telnet is the command, ec2-18-232-139-1.compute-1.amazonaws.com is the public IPv4 DNS of the instance on which you want to check the status of the service, and 22 is the port number for ssh.
As you can see, the process hangs and shows that the connection is refused, so the local host cannot connect. Go back to the previous ubuntu terminal and check the status of sshd by using service sshd status.
As you can see, sshd is in an inactive (dead) state.
Start the sshd service by using the command
service sshd start
Switch to the other ubuntu terminal and validate the connection by using the telnet command.
The command is telnet ec2-18-232-139-1.compute-1.amazonaws.com 22
As you can see, it is able to connect to port 22 using the public IPv4 DNS. Now come out of telnet.
Validate the connection to the instance by using the following command:
ssh -i ~/gsdemo.pem ubuntu@ec2-18-232-139-1.compute-1.amazonaws.com
As you can see, the connection to the EC2 instance is successful, which means sshd is up and running and is in an active state.
Keep in mind: if you exit from the instance after stopping sshd, you can't start the service unless you restart the instance from the AWS EC2 console. After the restart the sshd process will be active and you will be able to connect to the instance.
Understand SSH Properties Files and Properties
For any software that is installed on Linux, the properties files are typically under the /etc location.
On the EC2 instance, change from the home directory to /etc/ssh by using the following command: cd /etc/ssh
Then use the ls -ltr command to list the files in the ssh directory.
To check the properties of ssh, view the sshd_config file by using the view sshd_config command.
As you can see, a lot of lines in the file start with #. Those are properties that are commented out, and they are nothing but defaults. For the port it says 22; unless that line is uncommented and changed, the default port is used.
That is why port number 22 was specified when validating earlier with the telnet command. It didn't work while sshd was stopped, and it started to work again once sshd was started.
The reason it works again with port 22 is that sshd is configured with 22 as its port number.
There are other properties in the file that you can review and explore.
To exit from view, press the ESC key and type :q
Exit from the EC2 instance.
Try to log in without mentioning the key pair:
ssh ubuntu@ec2-50-17-9-239.compute-1.amazonaws.com
As you can see, the connection is not possible: permission to connect to the instance is denied because no key is supplied for public key authentication.
To log in with a password instead, password login has to be enabled. For that, you have to connect to the instance and change the properties in the sshd_config file.
Connect to the instance by using the following command:
ssh -i ~/gsdemo.pem ubuntu@ec2-50-17-9-239.compute-1.amazonaws.com
Type the sudo su - root command to log in as the root user. To change the sshd_config file you need to be logged in as the super admin, which is the root user.
Then change to the ssh directory by using cd /etc/ssh and use the view command on the sshd_config file.
Scroll down and you can see that password authentication is set to no. For password login, it should be yes.
Enabling Password login on Remote Server
As of now, password login is disabled. Here is how to enable it. The steps involved in making any change to the ssh properties files are:
Update the properties file, then bounce the ssh process. Only then will the changes take effect.
This applies not only to ssh: wherever you want to customize the behavior of a process by updating its properties file, most of the time you have to restart the process as well.
To change the properties in the sshd_config file, use the vi sshd_config command. If you are not comfortable with the vi editor, you can use other editors such as nano or gedit.
After running vi sshd_config, change password authentication to yes: type i to insert the change, then press the ESC key and type :x to save the changes.
Make sure you are logged in as root, since you changed the properties file and have to restart the service for the change to apply.
The command used for this is service sshd restart
Now validate that sshd has restarted by using the following command:
service sshd status
Exit from the root user and then create a password for password login using the following command: sudo passwd ubuntu
ubuntu is used in the command because ubuntu is the user, and sudo is used to run the command with superuser privileges.
Then type the new password that you want and retype it when prompted. The password won't be visible while it is typed, so don't panic that you can't see it. Make sure to enter the same password when asked to retype; after entering the password twice, the password is created successfully.
Now validate by exiting from the instance and logging into the instance using password login.
As you can see, the password login is successful.
Be careful while working on the properties files of services, as changes might affect the user experience.
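The edit-then-restart procedure above only works if the edited line is the one sshd actually reads, so here is an added example (not from the original article) that reports the value sshd would use for a keyword: commented lines are skipped and the first uncommented occurrence wins, as sshd_config(5) specifies. The function names and the sample file are constructed for illustration, and Include files and Match blocks are not followed.

```shell
#!/bin/sh
# Added example, not part of the original article.
# Reports the value sshd would take for a keyword from one config file.
# Rules from sshd_config(5) applied here: lines starting with '#' are
# comments, keywords are case-insensitive, and the first value found wins.
# Assumptions: "Keyword value" form only; Include files are not followed and
# parsing stops at the first Match block (global settings only).

effective_setting() {
    # $1 = config file, $2 = keyword, $3 = built-in default if keyword is unset
    awk -v key="$2" -v def="$3" '
        BEGIN { key = tolower(key) }
        /^[ \t]*#/ || /^[ \t]*$/ { next }            # comments and blank lines
        tolower($1) == "match"   { exit }            # end of global section
        tolower($1) == key       { print $2; found = 1; exit }  # first wins
        END { if (!found) print def }
    ' "$1"
}

write_sample_config() {
    # Constructed sample: stock-style commented defaults, password login
    # disabled, and a later "yes" line appended by mistake instead of
    # editing the existing line.
    cat > "$1" <<'EOF'
#Port 22
#PasswordAuthentication yes
PasswordAuthentication no
# appended later by an admin:
PasswordAuthentication yes
EOF
}

audit_password_login() {
    # Prints "enabled" or "disabled" for the file given as $1.
    if [ "$(effective_setting "$1" PasswordAuthentication yes)" = "yes" ]; then
        echo enabled
    else
        echo disabled
    fi
}

sample=$(mktemp)
write_sample_config "$sample"
echo "Port:           $(effective_setting "$sample" Port 22)"
echo "Password login: $(audit_password_login "$sample")"
rm -f "$sample"
```

Running sshd -t as root before service sshd restart checks the edited file for errors, which avoids replacing a working daemon with one that cannot start.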
Run Commands on Remote Servers using SSH
One of the key features of SSH is that you can not only connect to the remote machine but also run commands on it directly.
For example, connect to the remote machine and run the hostname command to get the fully qualified name of that remote machine.
One way is to connect to the remote machine with ssh without a password. Once you are on the remote machine you can run the hostname -f command to get the fully qualified name of the host.
You can also run commands directly from the terminal, without logging into the remote machine, by using ssh.
Exit from the remote machine and type the following command to get the fully qualified name of that remote machine without opening a login session on it:
ssh -i ~/gsdemo.pem ubuntu@ec2-50-17-9-239.compute-1.amazonaws.com "hostname -f"
You can run any command remotely over SSH using this approach.
Here are some examples:
To check the free memory that is available on the instance, use the following command:
ssh -i ~/gsdemo.pem ubuntu@ec2-50-17-9-239.compute-1.amazonaws.com "free -h" | awk -F" " '{ print $NF }'
Here free is the command to check memory details and -h is the option that prints the output in a human-readable format. The awk command after the pipe is outside the quotes, so it runs on the local machine and prints the last field of each line of output.
To list the files that are present on the instance without logging into the remote machine, use the command:
ssh -i ~/gsdemo.pem ubuntu@ec2-50-17-9-239.compute-1.amazonaws.com "ls -ltr"
Thanks to Vamsi Penmetsa