DEV Community

Karlita Ayu


Configuring and Securing SSH

Accessing the Remote Command Line with SSH

Objectives
After completing this section, you should be able to log in to a remote system and run commands using ssh.

What is OpenSSH?
OpenSSH implements the Secure Shell (SSH) protocol on Red Hat Enterprise Linux systems. The SSH protocol enables systems to communicate in an encrypted and authenticated fashion over an insecure network.
You can use the ssh command to create a secure connection to a remote system, authenticate as a specific user, and get an interactive shell session on the remote system as that user. You may also use the ssh command to run an individual command on the remote system without running an interactive shell.

Secure Shell Examples
The following ssh command would log you in on the remote server remotehost using the same user name as the current local user. In this example, the remote system prompts you to authenticate with that user's password.
You can use the exit command to log out of the remote system.
The next ssh command would log you in on the remote server remotehost using the user name user02. Again, you are prompted by the remote system to authenticate with that user's password.
This ssh command would run the hostname command on the remotehost remote system as the user02 user without accessing the remote interactive shell.
Notice that the preceding command displayed the output in the local system's terminal.
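The three invocations described above, wrapped in shell functions so that nothing connects until you call them. This is an added example, not code from the original post; the host name remotehost and the user name user02 are taken from the post, and the ssh options used are standard OpenSSH client options.

```shell
#!/bin/sh
# Added example (not from the post): the ssh invocations the post describes,
# as functions. Nothing connects until a function is called.

# Log in to a host as the same user name as the current local user.
# Type 'exit' in the remote shell to return to the local one.
login_same_user() {
    ssh "$1"            # e.g. login_same_user remotehost
}

# Log in to a host as an explicit user, using the user@host form.
login_as() {
    ssh "$1@$2"         # e.g. login_as user02 remotehost
}

# Run a single command on the remote side without an interactive shell.
# Its output arrives on the local terminal, and ssh exits with the remote
# command's exit status, so callers can test the result like any local
# command. BatchMode=yes makes ssh fail instead of prompting for a password,
# which is what you want inside scripts; leave it out for interactive use.
remote_run() {
    user=$1 host=$2
    shift 2
    ssh -o BatchMode=yes "$user@$host" "$@"
}

# Use the captured output locally: report what the remote host calls itself.
# Fails with ssh's exit status if the connection or the command fails.
check_remote_hostname() {
    name=$(remote_run "$1" "$2" hostname) || return $?
    printf 'connected to %s, remote reports %s\n' "$2" "$name"
}
```

Call these as `login_same_user remotehost`, `login_as user02 remotehost` or `remote_run user02 remotehost hostname`; the last one is the form the post shows running hostname without opening a remote shell.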

Identifying Remote Users
The w command displays a list of users currently logged into the computer. This is especially useful to show which users are logged in using ssh from which remote locations, and what they are doing.
The preceding output shows that the user02 user logged in to the system on pseudo-terminal 0 at 16:13 today from the host with the IP address 172.25.250.10, and has been idle at a shell prompt for seven minutes and thirty seconds. It also shows that the user01 user logged in on pseudo-terminal 1 and has been idle for three seconds since running the w command.
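A small added example (not from the post) that picks out the remote sessions from the columns described above, which is the check an administrator usually wants when reviewing who is logged in over SSH. The w output embedded in the script is constructed to match the figure the post describes; it was not captured from a real system.

```shell
#!/bin/sh
# Added example (not from the post): filter remote sessions out of w output.
# SAMPLE_W is constructed to resemble the figure described above.
SAMPLE_W=' 16:20:30 up  2:05,  3 users,  load average: 0.00, 0.01, 0.05
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
user02   pts/0    172.25.250.10    16:13    7:30   0.01s  0.01s -bash
user01   pts/1    172.25.250.11    16:20    3.00s  0.02s  0.00s w
root     tty1     -                15:10    1:10m  0.05s  0.05s -bash'

# Print "user tty from idle" for every session whose FROM column names a
# remote origin. Console logins show "-" there and are skipped, as are the
# uptime line and the column header (the first two lines of w output).
remote_sessions() {
    printf '%s\n' "$1" | awk 'NR > 2 && $3 != "-" { print $1, $2, $3, $5 }'
}

# Count the sessions that originate from one address, for example to confirm
# whether an address you did not expect has any active logins.
sessions_from() {
    printf '%s\n' "$1" | awk -v src="$2" 'NR > 2 && $3 == src { n++ } END { print n + 0 }'
}
```

On a live system replace the sample with `w -i` (procps-ng), which prints IP addresses in the FROM column instead of resolved host names, so the address comparison in sessions_from stays exact.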

SSH host keys
SSH secures communication using public-key cryptography. When an SSH client connects to an SSH server, the server sends a copy of its public host key to the client before the client logs in. This key is used to set up the encryption for the communication channel and to authenticate the server to the client.
When a user uses the ssh command to connect to an SSH server, the command checks to see if it has a copy of the public key for that server in its local known hosts files. The system administrator may have pre-configured it in /etc/ssh/ssh_known_hosts, or the user may have a ~/.ssh/known_hosts file in their home directory that contains the key.
If the client has a copy of the key, ssh will compare the key from the known hosts files for that server to the one it received. If the keys do not match, the client assumes that the network traffic to the server could be hijacked or that the server has been compromised, and seeks the user's confirmation on whether or not to continue with the connection.

If the client does not have a copy of the public key in its known hosts files, the ssh command will ask you if you want to log in anyway. If you do, a copy of the public key will be saved in your ~/.ssh/known_hosts file so that the server's identity can be automatically confirmed in the future.

SSH Known Hosts Key Management
If a server's public key changes, whether because the original was lost in a hard drive failure or because it was replaced for some other legitimate reason, you will need to edit the known hosts files so that the entry for the old public key is replaced with an entry for the new one; otherwise logins will fail with a key mismatch error.
Public keys are stored in /etc/ssh/ssh_known_hosts and in each user's ~/.ssh/known_hosts file on the SSH client. Each key occupies one line. The first field is a comma-separated list of host names and IP addresses that share that public key. The second field is the key algorithm. The last field is the key itself.
Each remote SSH server that you connect to stores its public keys in the /etc/ssh directory, in files with the extension .pub.
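An added example (not from the post) that works with the known_hosts format just described: it looks up the stored key for a host, compares it with a key obtained out of band, and replaces a stale entry while keeping the aliases listed on the same line. It needs only POSIX sh and awk. The key strings in the sample file are constructed placeholders, not real SSH public keys, and the host names and addresses are taken from the post.

```shell
#!/bin/sh
# Added example (not from the post): inspect and repair known_hosts entries.
# KNOWN_HOSTS_SAMPLE is constructed; the key strings are placeholders.
KNOWN_HOSTS_SAMPLE='remotehost,172.25.250.11 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAI-CONSTRUCTED-OLD-KEY
serverb,172.25.250.12 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTY-CONSTRUCTED-KEY'

# Print "keytype key" for the line whose host list (field 1, comma separated)
# contains the given host name or address. Hashed entries (lines beginning
# with |1|, written when HashKnownHosts is on) cannot be matched this way.
kh_lookup() {
    awk -v h="$2" '{
        n = split($1, hosts, ",")
        for (i = 1; i <= n; i++) if (hosts[i] == h) { print $2, $3; exit }
    }' "$1"
}

# Compare a key obtained out of band (for example from the server's
# /etc/ssh/*.pub files) with the stored one. Returns 0 if they match, 1 if
# the host is known but the key differs (the situation behind the "host
# identification has changed" warning), and 2 if the host is unknown.
kh_check() {
    stored=$(kh_lookup "$1" "$2")
    [ -n "$stored" ] || return 2
    [ "$stored" = "$3 $4" ] && return 0
    return 1
}

# Replace the key on the line that lists the host, keeping its aliases; if
# the host is not present, append a new line. Writes through a temp file so
# the original is never left half-written if the script is interrupted.
kh_replace() {
    file=$1 host=$2 keytype=$3 key=$4
    tmp="$file.tmp.$$"
    awk -v h="$host" -v kt="$keytype" -v k="$key" '
        {
            n = split($1, hosts, ","); hit = 0
            for (i = 1; i <= n; i++) if (hosts[i] == h) hit = 1
            if (hit) { print $1, kt, k; found = 1 } else print
        }
        END { if (!found) print h, kt, k }
    ' "$file" > "$tmp" && mv "$tmp" "$file"
}
```

The stock tool for the removal step is `ssh-keygen -R remotehost` (add `-f /etc/ssh/ssh_known_hosts` to edit the system-wide file), which drops the whole line for that host; the function above instead rewrites the key in place so the aliases survive. Either way, the replacement key should come from the server's /etc/ssh/*.pub files over a channel you trust, as the post describes, rather than from the key presented by the connection that failed.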

References
ssh(1), w(1), and hostname(1) man pages
