Published Jan 16, 2019 / 3 min read
How to talk to a remote server via secure shell?
Secure shell (ssh) is a network protocol that lets you communicate securely with a remote server. Once the configuration is done, you simply type ssh hostname at your command line to access your remote server. Optionally, you may protect your private key with an additional password.
Create your public/private key pair
It is good practice to store your keys in an .ssh directory within your home directory. This way you keep all keys in one central location.

    # switch to home and create the .ssh directory
    cd
    mkdir .ssh

The keys are generated with the ssh-keygen command. You have the following options with this command:
- Type: The -t option lets you determine the type. You can choose between rsa and dsa. However, a dsa key is limited to 1024 bits, which is classified as insecure these days (2018). That's why I suggest you go for an rsa key.
- Strength: The -b option stands for bits and lets you determine the length, and thus the strength, of your key. 4096 bits is a good standard for an ssh key.
- Password [optional]: The ssh-keygen process will ask you whether you want to secure your private key with an optional password. If you provide a password, you are prompted to enter it each time you connect via ssh. It makes the process even more secure (imagine someone gains access to your private key file) but also a little less comfortable.

    # switch to your .ssh directory
    cd ~/.ssh
    # determine type and bit length of your key
    ssh-keygen -t rsa -b 4096

If you have not provided a specific path and name, you should find 2 files within your .ssh directory:
- id_rsa: this is your private key. Do not share it with anyone else. Just keep it where it is.
- id_rsa.pub: this is your public key. It will be stored on the remote servers you want to connect to.
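The type and length advice above can be checked on any public key line, for example when reviewing which keys a server accepts. The following Python script is an added example, not part of the original post: it decodes the key blob and flags dsa keys and rsa keys shorter than the 4096 bits suggested here. The function names and the constructed sample keys are assumptions made for illustration.

```python
import base64
import struct

MIN_RSA_BITS = 4096  # the key length this page recommends

def read_field(blob, offset):
    """Read one SSH wire field: 4-byte big-endian length, then that many bytes."""
    end = offset + 4
    if end > len(blob):
        raise ValueError("truncated key blob")
    end += struct.unpack(">I", blob[offset:end])[0]
    if end > len(blob):
        raise ValueError("truncated key blob")
    return blob[offset + 4:end], end

def audit_public_key(line):
    """Return (type, bits, verdict) for one public key line such as id_rsa.pub."""
    parts = line.split()
    if len(parts) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    blob = base64.b64decode(parts[1], validate=True)
    name, off = read_field(blob, 0)
    key_type = name.decode("ascii")
    if key_type != parts[0]:
        raise ValueError("type label does not match the encoded key")
    if key_type == "ssh-rsa":
        _exponent, off = read_field(blob, off)
        modulus, off = read_field(blob, off)
        bits = int.from_bytes(modulus, "big").bit_length()
        return key_type, bits, "ok" if bits >= MIN_RSA_BITS else "weak: short rsa key"
    if key_type == "ssh-dss":
        prime, off = read_field(blob, off)
        return key_type, int.from_bytes(prime, "big").bit_length(), "weak: dsa"
    return key_type, None, "not covered by this check"

def sample_line(key_type, *numbers):
    """Build a line from constructed numbers (sample data, not a usable key)."""
    blob = struct.pack(">I", len(key_type)) + key_type.encode("ascii")
    for value in numbers:
        raw = value.to_bytes(value.bit_length() // 8 + 1, "big")  # SSH mpint
        blob += struct.pack(">I", len(raw)) + raw
    return "%s %s constructed@example" % (key_type, base64.b64encode(blob).decode())

if __name__ == "__main__":
    for line in (sample_line("ssh-rsa", 65537, (1 << 4095) | 1),
                 sample_line("ssh-rsa", 65537, (1 << 2047) | 1),
                 sample_line("ssh-dss", (1 << 1023) | 1, 3, 2, 5)):
        print(audit_public_key(line))
```

To check a real key, pass the single line from id_rsa.pub to audit_public_key.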
Configure your ssh connections
Create a config file within your .ssh directory to customize the ssh command for a specific server connection.

    # create a config file within the .ssh directory
    cd ~/.ssh
    touch config

Use a text editor of your choice (e.g. nano, vim) to open the config file (e.g. nano config) and enter the following information into the file:

    Host clientname
        HostName xxx.xxx.xxx.xxx
        User your_ssh_user_name
        IdentityFile ~/.ssh/id_rsa

Copy public key to your server
The last step is to copy the public key to the server you want to connect to. For this we use the ssh-copy-id command, which needs the path to your key file (if you execute the command from the .ssh directory you only need to provide the name) and the specified host (see step 2).
To copy the public key to the server, you will be asked to enter the password for connecting to the server.

    # switch to your .ssh directory
    cd ~/.ssh
    # copy public key to server
    ssh-copy-id -i id_rsa.pub host

After a successful copy of your public key you may connect to your server simply with the following command: