radin/my-docs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
edea1fe9e84bc5f1c68fd4457d0fc1dd6e2f4bc9
my-docs/Linux/Basic-Administration/08-setup-ssh.md

115 lines
2.5 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# 🔐 Secure Shell (SSH) Remote Access & Management
**SSH (Secure Shell)** is a cryptographic network protocol that allows users to **securely access and control remote machines** over a network. It's a foundational tool for system administrators, developers, and anyone managing remote systems.
---
## 🧠 What SSH Does
* **🔒 Encrypts Communication**
All data transmitted between the client and the remote server is encrypted, protecting it from eavesdropping and man-in-the-middle attacks.
* **🧑‍💻 Authenticates Users**
Supports both password-based and public key-based authentication to ensure that only authorized users gain access.
* **💻 Enables Remote Command Execution**
Run commands on a remote machine as if you're using its terminal directly.
* **📁 Supports Secure File Transfers**
Tools like `scp` (Secure Copy) and `sftp` (SSH File Transfer Protocol) allow encrypted file transfers between machines.
---
## 🚀 Installing the SSH Server
To accept SSH connections on a machine, you must install and start the **OpenSSH server**.
### On Debian/Ubuntu systems
```bash
sudo apt install openssh-server
```
* This installs the OpenSSH daemon (`sshd`), which listens for incoming SSH connections.
* To enable and start the service:
```bash
sudo systemctl enable ssh
sudo systemctl start ssh
```
---
### On RHEL/CentOS systems
```bash
sudo yum install openssh-server
```
* Start and enable the SSH service:
```bash
sudo systemctl enable sshd
sudo systemctl start sshd
```
---
## 🛠️ Common SSH Usage Examples
### 🔗 Connect to a Remote Server
```bash
ssh username@remote_host
```
### 📁 Copy a File to a Remote Server Using `scp`
```bash
scp file.txt user@remote_host:/path/to/destination/
```
### 📥 Copy a File from a Remote Server
```bash
scp user@remote_host:/path/to/file.txt .
```
### 🗂️ Use Interactive File Transfer with `sftp`
```bash
sftp user@remote_host
```
---
## 🔐 Key-Based Authentication (Optional but Recommended)
To use SSH without typing a password every time, you can set up key-based authentication:
1. **Generate SSH key pair on your local machine:**
```bash
ssh-keygen
```
2. **Copy the public key to the remote server:**
```bash
ssh-copy-id user@remote_host
```
3. Now you can SSH without a password prompt:
```bash
ssh user@remote_host
```
---
## ✅ Final Notes
* SSH is a vital tool for managing servers securely.
* Always **disable root login** and **use key authentication** for better security.
* You can configure SSH behavior in `/etc/ssh/sshd_config`.
Reference in New Issue View Git Blame Copy Permalink