SSH commands. Description
Virtually every Unix and Linux system includes an ssh command. It is designed to run a client program that provides a secure connection to an SSH server on a remote machine. The ssh command is used when logging into a remote machine, to transfer files between two devices and to execute commands on a remote computer.
SSH is a software package that provides secure system administration and file transfer across unsafe networks. It is used in almost every data center, in every large enterprise.
The protocol uses encryption to protect the connection between the client and the server. All user authentication, commands, output and file transfer are encrypted to protect against network attacks.
SSH protocol history
The Secure Shell protocol was originally developed by Tatu Ylönen in 1995 in response to a hacking incident in the Finnish university network. A password sniffer had been installed on a server directly connected to the backbone, and when it was discovered, there were thousands of user names and passwords in its database, including several from Ylönen's company.
This incident prompted him to study cryptography and develop a solution that he could use to log in securely over the Internet. His friends proposed additional features, and three months later, in July 1995, Ylönen published the first version as open source. It was OpenSSH. He later took the protocol for standardization at the IETF and developed the SSH File Transfer Protocol (SFTP).
Today, Tatu Ylönen is still working on topics related to Secure Shell, especially around key management, as well as broader cybersecurity topics.
Today, the protocol is used to manage more than half of the world's Web servers and virtually all Unix or Linux computers, both on-premises and in the cloud. Information security specialists and system administrators use it to configure, manage, maintain, and operate most firewalls, routers, switches, and servers in millions of critical networks and environments in our digital world. It is also built into many file transfer and system management solutions.
The new protocol has replaced several outdated tools and protocols, including telnet, ftp, FTP/S, rlogin, rsh and rcp.
The ssh command in Linux
The command provides a secure, encrypted connection between two nodes over an insecure network. This connection can also be used to access the terminal, transfer files, and tunnel other applications. X11 graphics applications can also be safely launched via SSH from a remote device.
Other SSH commands
There are other SSH commands besides the client. Each has its own page:
ssh-keygen - creates a pair of keys for public key authentication;
ssh-copy-id - configures a public key as authorized on the server;
ssh-agent - private key storage agent for single sign-on;
ssh-add - a tool for adding a key to the agent;
scp - file transfer client with an RCP-like command interface;
sftp - file transfer client with an FTP-like command interface;
sshd - the OpenSSH server.
Using the Linux client
Linux normally uses the OpenSSH client. The ssh command to log into the remote machine is very simple. To log in to a remote computer, type the following command at a command prompt: ssh sample.ssh.com.
If you are using ssh to connect to this remote computer for the first time, you will see a message like: "The authenticity of host 'sample.ssh.com' can't be established. Are you sure you want to continue connecting (yes/no)?" Enter yes to continue. This adds the server to the list of known hosts (~/.ssh/known_hosts), which is indicated by the following message: "Warning: Permanently added 'sample.ssh.com' (DSA) to the list of known hosts."
Once the connection to the server is established, the user is authenticated. As a rule, a password is requested. Some servers may require a one-time password generated by a hardware token.
When authentication is accepted, you will enter the command line for the remote machine.
To log in under a different user name on the remote machine, use the syntax: ssh -l alternative-username sample.com.
Executing remote commands on the server
The ssh command is also used to execute commands on a remote computer without logging in to a shell. The syntax for this is ssh hostname command. For example, to run the command ls /tmp/doc on host sample.ssh.com, type the following at the command prompt: ssh sample.ssh.com ls /tmp/doc. After authentication on the remote server, the contents of the remote directory will be displayed, and you will be returned to the local shell prompt.
Setting public key authentication
To set up public key authentication without a password, you can create a key and configure the authorized_keys file.
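The server-side half of that setup, as an added example (not from the original page): a hypothetical helper, install_pubkey, that adds a public key to authorized_keys once, with permissions that sshd's default StrictModes check accepts. The key in the demo is constructed and not a real key.

```shell
#!/bin/sh
# On the client, a key pair is created first, for example:
#   ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519
# install_pubkey PUBKEY_FILE HOME_DIR   (hypothetical helper name)
#   Appends the key in PUBKEY_FILE to HOME_DIR/.ssh/authorized_keys.
#   The body runs in a subshell, so umask and exit stay local to the call.
install_pubkey() (
    pub=$1
    home=$2
    keyline=$(head -n 1 "$pub")
    # A public key line has the form "<type> <base64> [comment]".
    case $keyline in
        -----BEGIN*)
            echo "refusing: $pub is a private key, never copy it" >&2
            exit 1 ;;
        ssh-ed25519\ *|ssh-rsa\ *|ecdsa-sha2-*\ *) ;;
        *)
            echo "refusing: unrecognised key type in $pub" >&2
            exit 1 ;;
    esac
    umask 077
    mkdir -p "$home/.ssh"
    chmod 700 "$home/.ssh"            # directory: owner only
    auth="$home/.ssh/authorized_keys"
    touch "$auth"
    chmod 600 "$auth"                 # file: owner read/write only
    # -x whole line, -F fixed string: append only if not already listed
    grep -qxF -- "$keyline" "$auth" || printf '%s\n' "$keyline" >> "$auth"
)

# Demo in a scratch directory with a constructed (not real) key.
demo=$(mktemp -d)
echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIExampleConstructedKeyOnly alice@laptop' \
    > "$demo/id_ed25519.pub"
install_pubkey "$demo/id_ed25519.pub" "$demo/home" && ls -l "$demo/home/.ssh"
rm -rf "$demo"
```
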
Command line parameters can be used to configure port forwarding. Local forwarding means that a local port (on the client computer) is tunneled to an IP address and port reached from the server. Remote forwarding means that a remote port (on the server) is forwarded to a given IP address and port reached from the client computer.
OpenSSH also supports redirecting Unix domain sockets and IP packets from a tunnel device to create a VPN (virtual private network).
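The local and remote forwarding directions described above, as an added example (not from the original page): a hypothetical helper, forward_cmd, that checks the ports and composes the matching ssh command line with the listener bound to loopback only. The target addresses in the demo are constructed.

```shell
#!/bin/sh
# forward_cmd MODE LISTEN_PORT TARGET_HOST TARGET_PORT SSH_SERVER
#   MODE local  -> -L: listener on the client, target reached from the server
#   MODE remote -> -R: listener on the server, target reached from the client
# (forward_cmd is a hypothetical helper name; it prints the command, it does not run it.)
forward_cmd() {
    mode=$1
    lport=$2
    thost=$3
    tport=$4
    server=$5
    for p in "$lport" "$tport"; do
        case $p in
            ''|*[!0-9]*) echo "bad port: $p" >&2; return 1 ;;
        esac
        [ "$p" -ge 1 ] && [ "$p" -le 65535 ] || { echo "bad port: $p" >&2; return 1; }
    done
    case $mode in
        local)  flag=-L ;;
        remote) flag=-R ;;
        *) echo "mode must be local or remote" >&2; return 1 ;;
    esac
    # -N: no remote command, forwarding only.
    # ExitOnForwardFailure=yes: exit if the listener cannot be set up,
    #   so a session never runs silently without its tunnel.
    # 127.0.0.1: bind the listener to loopback so other hosts cannot use it.
    echo "ssh -N -o ExitOnForwardFailure=yes $flag 127.0.0.1:$lport:$thost:$tport $server"
}

# Client port 8080 -> 10.0.0.5:80 as seen from the server (constructed address).
forward_cmd local 8080 10.0.0.5 80 sample.ssh.com
# Server port 2222 -> port 22 on the client itself.
forward_cmd remote 2222 127.0.0.1 22 sample.ssh.com
```
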
Some of the most important command line options for the ssh command include:
use only protocol version 1 or 2;
use only IPv4 or IPv6 addresses;
enable authentication agent connection forwarding;
use data compression;
select the cipher specification used to encrypt the session.
In addition, use dynamic port forwarding at the application level.