Hello, I'm Ganesh. I'm building git-lrc, an AI code reviewer that runs on every commit. It is free, unlimited, and source-available on Github. Star Us to help devs discover the project. Do give it a try and share your feedback for improving the product.
Secure Shell (SSH) is a cryptographic network protocol that allows you to operate network services securely over an unsecured network.
It is most commonly used for logging into a remote terminal and executing commands.
How SSH Works
SSH uses a client-server model and relies on a suite of encryption technologies to ensure that data remains confidential and untampered.
1. The Handshake
When we connect to a server, the two machines exchange supported encryption protocols and settle on a mutually compatible version.
They also establish a session key using a process like the Diffie-Hellman algorithm, which allows them to create a shared secret without actually sending the key across the network.
Here is the video explaining this process:
Link
2. Authentication
Once the encrypted channel is established, the server needs to verify who you are. This usually happens in one of two ways:
- Password Authentication: You send your password through the encrypted tunnel.
- Key-based Authentication: The most secure method, using a Public Key (stored on the server) and a Private Key (stored on your machine).
3. Encryption Layers
SSH utilizes three different types of encryption:
- Symmetrical Encryption: Uses one key for both encryption and decryption of the entire session.
- Asymmetrical Encryption: Uses a public/private key pair (used primarily during the handshake and for authentication).
- Hashing: Uses algorithms (like HMAC) to ensure data integrity, proving that the packets haven't been altered during transit.
For let's setup simple RSA key pair for ubuntu server.
How to Setup SSH
Since we are using ubuntu server, we need to install the SSH server on the server.
Step 1: Install the SSH Server
Assuming you are in cloud console want to setup ssh on ubuntu.
On the server, run:
sudo apt update
sudo apt install openssh-server
To check if itβs running:
sudo systemctl status ssh
Step 2: Generate SSH Keys (Recommended)
On your local machine, generate a key pair. This is much safer than using a password.
ssh-keygen -m PEM -t rsa -b 4096 -f ~/.ssh/private_key
Press Enter to save it in the default location.
You can add a passphrase for extra security.
gk@jarvis:~$ ssh-keygen -m PEM -t rsa -b 4096 -f ~/.ssh/private_key
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/gk/.ssh/private_key
Your public key has been saved in /home/gk/.ssh/private_key.pub
The key fingerprint is:
SHA256:i3qqpQpyRkjDAdnbe++rN+ZCzak/4Ryzsn5vGJYEsVg gk@jarvis
The key's randomart image is:
+---[RSA 4096]----+
|o+ E. |
|o o o.. |
| + o. .. |
|..o . . |
|. . . +So |
| . . o.@. |
|o o .o.*.B |
|oo o .= % . |
|..o.o++%=*. |
+----[SHA256]-----+
In the above output, we have generated a private key and public key.
we can copy public key and save it in server
Step 3: Copy the Key to the Server
Copy public key from local machine.
cat ~/.ssh/private_key.pub
Once you are inside server either in temperary console or using password.
Change directory to .ssh
Add public key to authorized_keys file.
This way server will trust your public key and you can login without a password.
Step 4: Connect
Now you can log in without a password:
ssh username@remote_host_ip
Conclusion
We understood how ssh works and how to setup ssh on server.
I hope this article helps you to understand ssh and how to setup ssh on server.
Any feedback or contributors are welcome! Itβs online, source-available, and ready for anyone to use.
β Star it on GitHub: https://github.com/HexmosTech/git-lrc
Top comments (0)