Accessing the Remote Command Line with SSH
What is the OpenSSH secure shell?
The term OpenSSH refers to the software implementation of the Secure Shell software used in the system. The OpenSSH Secure Shell is used to run a shell securely on a remote server or system. Suppose If you have been provided with the user account to login remote Linux server which provides Secure shell services, Then normally we use ssh command to remotely log into that server. This command can also be used to run an individual command on a remote system.
Secure Shell examples
- As the current user create a remote interactive shell, then return to your previous shell when
done with the exit command.
- Connect to a remote shell with a user (user1) which is different from your current user on a selected host (remotehost):
[email protected]’s password:
[[email protected] -]$
A Secure Shell secures communication between systems by using public-key encryption. When a client connects to a secure shell server remotely, then before the client logs into that server, a copy of its public key is sent by the server. This public key is used by the secure shell to set up encrypted communication for the channel and It’s also used to authenticate the server with the client.
When the first time a user uses secure shell to connect to a remote server, ssh command stores the remote server’s public key in the client user’s ~/. ssh/known_hosts file. Then every time the user connects to that server after that. It makes sure that the client gets the same public key from the server which it got first time by comparing the server’s entry in the ~/. ssh/known_hosts file with the public key which was sent by the server. If both keys do not match with each other, then client assumes that the network is being hijacked or that may be the remote server has been compromised and the connection between client and server breaks. This also means that if a remote server’s public key is changed due to hard drive failure, or it was replaced by the server admin for some legitimate reason, then client users will need to remove their old public key entry and update ~/. ssh/known_hosts files in their system in order to log in.
- On your local client system Host IDs (public keys) are stored in ~/. ssh/known_hosts:
$ cat ~/ . ssh/known hosts
remotehost,192.168.0.101 ssh-rsa AAAAB3Nzac...
- On the Secure Shell Remote Server Host keys are stored in /etc/ssh/ssh_host_key*
$ ls /etc/ssh/*key*