Home Tutorials Using SSH (Secured Shell)

Using SSH (Secured Shell)

Last updated on Aug 30, 2024

What is Secure Shell

SSH stands for Secure Shell, and it is a secure network protocol that allows for remote access and control of a computer or server over an unsecured network. It is commonly used by system administrators and developers to securely manage and transfer data between computers over the internet.

When connecting to a remote server using SSH, the connection is encrypted, which means that no one can eavesdrop on the communication or steal the login credentials. The encryption ensures that all data, including passwords and other sensitive information, is transmitted securely over the network.

To use SSH, it's neccessary to have an SSH client installed on the computer, and the remote server must have an SSH server installed. Also needed is a username and password or a public/private key pair to authenticate to the remote server.

Once authenticated, a command-line interface can be utilized to execute commands on the remote server or transfer files securely between computers and the remote server. SSH also allows for the creatation of encrypted tunnels to forward other network services such as HTTP or FTP, making it an essential tool for secure remote access and administration.

Basic Usage

Locate Required Credentials

  • In order to being the connection an IP address/Hostname, Username,and Password are required. In the American Cloud CMP this information can be found in the compute section. Follow the steps below to acquire the information

  1. Login to the Web Portal with a valid American Cloud account

  2. On the left navigation column choose 'Cloud Compute'

  3. In Manage Instance select the desired instance to SSH into

  • Inside the 'Server Information' page retreive the public IP address, username (default cloud), and copy the password (default is a randomly selected password)

SSH The Machine

  • Open a terminal or cmd prompt and type the following command
ssh cloud@[IPAddress]

ssh [email protected]
The authenticity of host '0.0.0.0 (0.0.0.0)' can't be established.
ED25519 key fingerprint is SHA256:EXAMPLEp01iD6zXvKCF+QdF5VLl3MiFrITEXAMPLE.
This key is not known by any other names.
Are you sure you want to continue connecting (yes/no/[fingerprint])?

  • If this is the first login, a message asking to save the fingerprint will appear. Type 'yes' to continue

  • Next enter the password for the User being logged into

[email protected]'s password:

SSH with Keys

When using SSH keys, authentication to a remote server is possible without having to enter a password while logging in. Instead, a generated pair of cryptographic keys: a public key and a private key. The public key is uploaded to the remote server, while the private key is stored securely on the local computer.

When connecting to the remote server using SSH, the server checks the public key against a list of authorized keys. If the public key is on the list, the server uses it to encrypt a message that can only be decrypted with the paired private key. The server sends this encrypted message back to the local computer, and the local SSH client uses the private key to decrypt the message and authenticate to the server.

Using SSH keys has several advantages over using a password for authentication. First, it is more secure because it is much harder for an attacker to guess or steal a private key than it is for them to crack your password. Second, it is more convenient because typing a password every time log in isn't neccessary. And third, it is easier to automate scripts or other processes that require remote access, since the private key can be included in the scripts without having to store a password in plain text.

To use SSH keys, first generate a key pair using a tool like ssh-keygen. Then copy the public key to the remote server using a command like ssh-copy-id or by manually appending the public key to the authorized_keys file on the remote server. Finally, configure the SSH client to use the private key when connecting to the remote server.

  • Follow the steps below to SSH a server

  1. Generate the SSH key pair

    • For more information on generating key pairsĀ Click Here.

  2. Save the newly generated SSH key pair to the '/.ssh' directory

  3. Place the Public Key in the '/.ssh/authorize_keys' directory

  • There are two primary ways to accomplish step 3 discussed below

ssh-copy-id

  • The ssh-copy-id command is an easy way to add the local machines public key to the remote servers /.ssh/authorized_keys directory. To accomplish this follow the below commands
ssh-copy-id cloud@[IPAddress]
  • After pressing enter the remote server will being receiving ssh key pairs from the local machine. As shown the user's password will be required for completion
ssh-copy-id [email protected]
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/Users/work/.ssh/id_ed25519.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
[email protected]'s password:
  • Following an accurate password the system will show the number of keys imported and log out
Number of key(s) added:        1

Now try logging into the machine, with:   "ssh '[email protected]'"
and check to make sure that only the key(s) you wanted were added.

Next log back into the remote server using the standard ssh command. If a passphrase was established during generation it will be requested

ssh [email protected]
Enter passphrase for key '/Users/joeevans/.ssh/id_ed25519':
  • A connection not requiring user password will be made

Placing Public Key in Authorized_keys directory

  • Another way to accomplish placing a public key into the /.ssh/authorized_keys directory is below. Follow these steps

  1. On the local machine naviate to the /.ssh directory.

  2. Copy the desired public key.

  3. Log into the remote server using the username/password

    
ssh [email protected]

  4. Edit the /.ssh/authorized_keys using the preferred editor.

    
vi /.ssh/authorized_keys

  5. Paste the copied public key from the local machine inside the folder

    
ssh-ed25519 Example333lZDI1aaaAAAAIxxxghuGkFSh4256QQoDC+DI5vMwi2EXAMPLE

  6. Log out of the remote server using the 'exit' command

  • It is now possible to log in without needing the user's password. Again if a passphrase was used while generating the key pair input it here.