Prashant Dwivedi

Quick SSH tour

SSH, which stands for Secure Shell, is a protocol used for secure remote login and file transfer. To protect the confidentiality and integrity of the data transferred between the client and server, it employs powerful symmetric encryption and hashing methods.

This article focuses on using SSH to connect to remote machines hosted by a cloud provider such as AWS or Azure. For more information on how SSH works, please look at SSH Protocol – Secure Remote Login and File Transfer.

Here I will discuss the three basic ways of connecting to any remote machine:

  1. Using the Private Key / Password of the remote machine on every connection.
  2. Adding local machine's public key as authorized_keys on remote machine.
  3. Making a config file in local machine in .ssh directory.

Whenever we create a new virtual machine on Azure or an EC2 instance on AWS, we have the option to download the SSH key or set a username and password for authentication.

1. Using the Private Key / Password of the remote machine on every connection.

This is the simplest way of establishing a connection with the remote machine. The commands are as follows:

a. Password based authentication

ssh username@hostname 

Eg:

ssh prashant@1.1.1.1

You will be prompted to enter the password; once it is entered, the connection with the remote machine is established.

b. SSH key based authentication

  • Here, it is assumed that you have a .ssh folder in your home directory.
  • Download the SSH key for the remote machine from your cloud platform. On Azure, you are asked to download it as soon as you create a new VM. Example key file: NewVM_key.pem
  • Place this key in the .ssh folder.
  • Change the permissions of the file with the following command, so that only your user can read it (ssh refuses to use a private key file that other users can access):

chmod 400 <Key File Name>

Once this setup is done, one can easily authenticate and create an SSH session using the below command

ssh username@hostname -i <location of key file>

Eg: ssh azureuser@1.1.1.1 -i ~/.ssh/NewVM_key.pem

As soon as the command is executed, the connection is established.

2. Adding local machine's public key as authorized_keys on remote machine.

Another good way to connect to a remote machine is to save the local (client) machine's public key in the server's authorized_keys file.

Once this is done, we no longer need to supply the SSH key of the server on each connection (as in method 1). When we ask for a connection, the server already has our public key and uses it to authenticate us.

Steps to save the public key on the server:

Generate the public and private key pair on the local (client) machine using the command below:

ssh-keygen -m PEM -t rsa -b 4096

Detailed: 
ssh-keygen \
    -m PEM \
    -t rsa \
    -b 4096 \
    -C "azureuser@myserver" \
    -f ~/.ssh/mykeys/myprivatekey \
    -N mypassphrase

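With the default file location, the above command generates two files, id_rsa and id_rsa.pub, which are the private and public keys of the client machine (the detailed form writes the pair to the path given with -f instead). Do not share your private key anywhere. A passphrase passed with -N ends up in your shell history; leave -N out to be prompted for it.
Now add id_rsa.pub to authorized_keys on the server with the command below: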

ssh-copy-id -i ~/.ssh/id_rsa.pub username@hostname

To add the public key manually, use the command below:

cat ~/.ssh/id_rsa.pub | ssh user@remote-host 'cat >> ~/.ssh/authorized_keys'

Once the above two steps are completed successfully, one can connect to the remote server using just the hostname and username, without needing the password or SSH key of the server.

For a diagrammatic representation of the above process, I prepared an image:

[Image: diagram of the above process]
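The manual cat >> command above appends the key on every run and leaves the directory and file permissions as they are. The shell function below is an added example, not part of the original article: install_pubkey is a hypothetical helper that performs the server-side step idempotently and sets the permissions sshd expects.

```sh
#!/bin/sh
# Added example (not from the article): server-side step of method 2.
# install_pubkey is a hypothetical helper; it takes the .ssh directory as an
# argument so it can be tried on a scratch directory first.
install_pubkey() {
    pubkey_file=$1    # e.g. ~/.ssh/id_rsa.pub copied from the client
    ssh_dir=$2        # e.g. "$HOME/.ssh" on the server
    auth="$ssh_dir/authorized_keys"

    [ -r "$pubkey_file" ] || { echo "cannot read $pubkey_file" >&2; return 2; }
    # Guard against the classic slip of uploading id_rsa instead of id_rsa.pub.
    if grep -q 'PRIVATE KEY' "$pubkey_file"; then
        echo "refusing: $pubkey_file looks like a private key" >&2
        return 3
    fi
    key=$(grep -v '^[[:space:]]*$' "$pubkey_file" | head -n 1)
    case $key in
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
        *) echo "refusing: not an OpenSSH public key line" >&2; return 4 ;;
    esac

    # sshd's StrictModes (on by default) rejects key files that are writable
    # by group or other, so create them private and enforce the modes.
    ( umask 077; mkdir -p "$ssh_dir"; touch "$auth" )
    chmod 700 "$ssh_dir"
    chmod 600 "$auth"

    # Already authorized: do nothing, so reruns never duplicate the entry.
    if grep -qxF -- "$key" "$auth"; then
        return 0
    fi
    # If the file lacks a trailing newline, add one so keys do not get joined.
    if [ -s "$auth" ] && [ -n "$(tail -c 1 "$auth")" ]; then
        echo >> "$auth"
    fi
    printf '%s\n' "$key" >> "$auth"
}
```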

3. Making a config file in local machine in .ssh directory.

The third way of doing the same thing, and probably the most efficient and recommended one, is to maintain a config file in the .ssh directory.

This file holds the connection details of all the remote machines: host, hostname, username, SSH key file, etc. (The config file has no option for storing a password; hosts that use password authentication still prompt for it.) We can now ssh into the remote server with a two-word command, viz. ssh and the host.

Procedure to create the config file:
a. Go to the .ssh directory
b. Now create the config file

touch config

c. Now open the file in your favorite editor; I will use vim here.

vim config

d. Now enter all your remote machines' information in the following manner

Host NewVM
   HostName 20.129.27.139
   User prashant

Host OldVM
   HostName 21.36.12.596
   User azureuser
   IdentityFile ~/.ssh/OldVM_key.pem

For more information on the config file, please look at this beautiful article: https://linuxize.com/post/using-the-ssh-config-file/

Now that our config file is set up, we can ssh into any remote machine using just its host.

ssh NewVM

or

ssh OldVM
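A config entry only works if the key file it names exists and carries the tight permissions set with chmod 400 in method 1. The shell function below is an added example, not part of the original article: check_identity_files is a hypothetical helper that reads a config file and reports every IdentityFile that is missing or accessible to group/other.

```sh
#!/bin/sh
# Added example (not from the article). check_identity_files is a
# hypothetical helper, not an OpenSSH tool. It assumes the plain
# "Keyword value" layout used above (no "Keyword=value", no quoted paths).
check_identity_files() {
    config=$1
    home=${2:-$HOME}    # where "~/" in IdentityFile paths points
    problems=0
    # Emit "host path" for every IdentityFile; keywords are case-insensitive.
    pairs=$(awk '
        BEGIN { host = "(global)" }
        { kw = tolower($1) }
        kw == "host"         { host = $2 }
        kw == "identityfile" { print host, $2 }
    ' "$config")
    while read -r host path; do
        [ -n "$path" ] || continue
        case $path in
            "~/"*) path=$home/${path#??} ;;
        esac
        if [ ! -f "$path" ]; then
            echo "$host: $path is missing"
            problems=$((problems + 1))
            continue
        fi
        # Characters 5-10 of ls -l are the group and other permission bits;
        # ssh refuses a private key unless all six are unset.
        mode=$(ls -l "$path" | cut -c5-10)
        if [ "$mode" != "------" ]; then
            echo "$host: $path is open to group/other, run: chmod 400 $path"
            problems=$((problems + 1))
        fi
    done <<EOF
$pairs
EOF
    [ "$problems" -eq 0 ]
}
```

Running ssh -G OldVM complements this check: it prints the options ssh resolves for that host and stops with an error on a keyword it does not recognise, which catches misspelled option names.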

That covers the third and last method in this article. I hope you enjoyed reading and that it added to your knowledge.
Please feel free to reach out in the comments and let me know of any mistakes or suggestions.
Thank you!

Cover Image Credits: https://askme4tech.com/how-use-ssh-powershell
