SSH is a process in which one computer logs into a remote computer and controls it.Shh is a functionality of linux and UNIX. If you want to control linux server from windows machine then you will need a ssh client such as putty. You can download putty client for windows from here. You open up putty put ipaddress of remote linux server put name and password and connect to it.
- here click the one that says putty.exe and download
- after you have downloaded the putty, click on the putty icon
- you will see something like this.
- here in the blank space that says hostname or ip, put in the ip address of server you are trying to connect
- and on the port put in the port.
- reminder : default port for ssh is 22 but in some cases it might be changed too
- port 22 should be open on the server you are trying to connect, meaning there should be rules on iptables to connect to the port
- or iptables should be stopped
service iptables stop chkconfig iptables off
- then hit open button
- you will be prompted with the login screen
- put in user name and then password , then you will be able to login in.
- If you are in mac or linux computer then just open up your terminal and type in ssh followed by username@ipaddress
- if it is the first time you are logged in to the server then you will be prompted with a dialogue prompt.
- just type in yes and it will save the fingerprint of remote computer to your computer and it wont show the same dialogue box next time.
- congratulations, you are logged in to remote server..
- notice your host changed from nfs server to rhce2 server.
ssh key and pasword less login
as the name says password less login through ssh is a method in which you login to remote host but without password.
- for that you need to generate pair of keys id_rsa and id_rsa.pub . these key will be generated inside .ssh folder of you home directory
- id_rsa is the key file you will authenticate with and you will send content of id_rsa.pub (also called public key) to remote host.
- in remote host the content of id_rsa.pub will be stored at .ssh/authorized_keys files inside home directory of user.
- if you are logged in as root then it be at /root/ssh/
- if you are logged in as other user then it will be at /home
[root@nfsserver .ssh]# pwd /root/.ssh
[velocity@nfsserver .ssh]$ pwd /home/velocity/.ssh
- now lets generate ssh-key pair for password less login
- here we will create ssh key in nfsserver and share public key with rhce2 server, and try to login without password
- nfsserver=192.168.1.13 rhce2=192.168.1.11
- first step is to type in command ssh-keygen-t rsa to create ssh key-pair
[root@nfsserver ~]# ssh-keygen -t rsa
- now it will as where to save these keys, default is userhome/.ssh/id_rsa
- and it will ask for pass-phrase, we are not going to give pass-phrase so just hit enter twice.
- your key pair has been created now
[root@nfsserver ~]# ls -la .ssh/
[root@nfsserver ~]# cd .ssh
[root@nfsserver .ssh]# ls -la total 16 drwx------. 2 root root 4096 Dec 19 19:42 . dr-xr-x---. 28 root root 4096 Dec 19 01:47 .. -rw-------. 1 root root 1675 Dec 19 19:42 id_rsa -rw-r--r--. 1 root root 396 Dec 19 19:42 id_rsa.pub
SSH key pair has been created, now share content of id_rsa.pub to remote rhce2 server
- this command below will copy content of id_rsa.pub to /root.ssh/authorized_keys file of root user of 192.168.1.11
[root@nfsserver .ssh]# ssh-copy-id firstname.lastname@example.org
- it will prompt you for yes or no for connecting for first time , type yes and enter
- then it will ask for password for authentication [don’t worry it will be for the last time]
- then it will say check in .ssh/authorized_keys file in remote server just in case there was error. and it will exit out in your own server
- now ssh to remote server again
- this time it wont ask for the password, notice below server changed from nfsserver to rhce2, and it didn’t ask for password this time
[root@nfsserver .ssh]# ssh email@example.com Last login: Fri Dec 19 19:41:38 2014 from 192.168.1.2 [root@rhce2 ~]#
- know just for checking go to .ssh folder and check the authorized_keys file
- here below we can see the content of id_rsa.pub is transferred to second paragraph of the authorized _keys file, we can recognize that by the last word that says root@nfsserver,
- looks like this server aslo has public key from root@rhce1 server.
[root@rhce2 ~]# ls .ssh/ authorized_keys known_hosts [root@rhce2 ~]# cd .ssh [root@rhce2 .ssh]# cat authorized_keys ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq6ogNVQ7ISzWCgv9arZFFD9NzWh8KwlbJqiETOrz4+L2/lrEtS6kCrbalfcfsIFlBtS21VLDsvK+lVG0IgDp0DozXXWH3IEPvymLXy+JLWPknuRe6jhAp01lWlKTVWFa+gyM6lJm31V2LgHgP8Oidlo6EXvLiD10OROXMrxdh3TkbOZWPVwL5oJWaea61yWQmbR+3yxucpegpwdDymI+MqiQeWtJSAO/Xe5k9fXDbdAPy5hNdy1jGGG6IBXzesGk0I3DRzSPDMtfFS5vAr5sxlzC1ELvfx8ascWOcHAzAnN5EA3Yoac2mh2Ap6UPzbqiVF7k/wX9KNolatw== root@rhce1 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq36oGbATUjasZ+7ZqoQtY3DBSUIT/enIUWmiU3TPXZTWHjwgAVN4gq9T6IjLpSWctydk99Rku6Jkijxt4u3e8Y1p2UowxIrK9I1uy0jNfIXaTlDixnkuSrGQj7saGJd9wQk3VjlhLoJMBeUBN3kWVTFeo4GCZnp6+AzHRA4HAru/j3+SE93fZw7LaLrxrHExTGBjICFgsgSAA9TilL+PAQLxPm1uU3fo+5WX2U1wts8aPjqQQMw9FDBnJ2yhkMg2facR+83KD5fJSJqC5XzAi/Tza/D2DBptru5oC4wFKSNZVSFVvEsCwXUU0aOodMhaYMZiek7Huokw== root@nfsserver [root@rhce2 .ssh]#
[ Note:- ssh-copy-id command will create authorized_keys file if not there and write into it ]