How-To Session: SSH into another Linux Machine
EDITOR UPDATE: updated for new methodology and systemd
Today I am going to show you how to SSH into another linux box from anywhere! SSH is a powerful, encrypted command that enables you to essentially “log in” to you PC’s, via Terminal, and move files, change configurations, as if you were using Terminal at the remote host you are logging into.
Let’s start with the essentials:
Make sure you have SSH installed, check this with Terminal:”
ssh --version ssh -V
This will check if SSH is installed. If it is not search for the relevant “ssh” package for your distribution. In my case, “OpenSSH_6.2p2, OpenSSL 1.0.1e 11 Feb 2013” for OpenSSH. OpenSSH (OpenBSD Secure Shell) is a set of computer programs providing encrypted communication sessions over a computer network using the ssh protocol. It was created as an open source alternative to the proprietary Secure Shell software suite offered by SSH Communications Security. OpenSSH is developed as part of the OpenBSD project, which is led by Theo de Raadt.
The SSH client configuration file is
This is just an example config file:
/etc/ssh/ssh_config # $OpenBSD: ssh_config,v 1.26 2010/01/11 01:39:46 dtucker Exp $ # This is the ssh client system-wide configuration file. See # ssh_config(5) for more information. This file provides defaults for # users, and the values can be changed in per-user configuration files # or on the command line. # Configuration data is parsed as follows: # 1. command line options # 2. user-specific file # 3. system-wide file # Any configuration value is only changed the first time it is set. # Thus, host-specific definitions should be at the beginning of the # configuration file, and defaults at the end. # Site-wide defaults for some commonly used options. For a comprehensive # list of available options, their meanings and defaults, please see the # ssh_config(5) man page. # Host * # ForwardAgent no # ForwardX11 no # RhostsRSAAuthentication no # RSAAuthentication yes # PasswordAuthentication yes # HostbasedAuthentication no # GSSAPIAuthentication no # GSSAPIDelegateCredentials no # BatchMode no # CheckHostIP yes # AddressFamily any # ConnectTimeout 0 # StrictHostKeyChecking ask # IdentityFile ~/.ssh/identity # IdentityFile ~/.ssh/id_rsa # IdentityFile ~/.ssh/id_dsa # Port 22 # Protocol 2,1 # Cipher 3des # Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc # MACs hmac-md5,hmac-sha1,firstname.lastname@example.org,hmac-ripemd160 # EscapeChar ~ # Tunnel no # TunnelDevice any:any # PermitLocalCommand no # VisualHostKey no # ProxyCommand ssh -q -W %h:%p gateway.example.com
Change “Protocol 1” if present in the config file to “2”, which is more secure.
The SSH daemon configuration file can be found and edited in
Now set up your users, if you wish to only allow certain people by adding this line:
AllowUsers user1 user2
If you want to disable root login over SSH, modify/uncomment this line:
To add a nice welcome message edit the file
/etc/issue and change the Banner line into this:
I would advise changin the default port from 22:
Starting the daemon under systemd:
systemctl start sshd
Permantly enabled the service with:
systemctl enable sshd.service
You should see output such as
ln -s '/usr/lib/systemd/system/sshd.service' '/etc/systemd/system/multi-user.target.wants/sshd.service'
Alternativly, you can enable the service on first connection:
systemctl enable sshd.socket
It is better, but not necessary, to assign a static IP address on your REMOTE machine. You can also make this a reserved ip address via your routers settings. Additionally you can take that static address and register it with NO IP, so you have a free domain name. On the site, simply go to “add host” to add your PC.<
That said, now let’s connect to the remote host (below is basic syntax):
Note: if you are connecting to a local computer computer on your network, use the local address. If outside the network, you want to use the external address of your router. See your routers configuration for more
To connect to the remote machine:
ssh user@ip_address" OR "ssh user@hostname
Non-Standard port type
ssh -oPort=PORT_NUMBER user@ip_address
ssh -oPort=PORT_NUMBER user@hostname
scp SourceFile user@host:directory/TargetFile
You can also SFTP into your REMOTE host by doing:
sftp user@ip_address_or_hostname" OR "sftp -p PORT _NUMBER user@ip_address_or_hostname
To exit your session:
use the “exit” command in Terminal until you fully back out of your REMOTE host.
That’s if for today, any questions or comments, please comment on this blog entry or contach me via the “Conact Us” page at the top of this blog
Posted on 20130820, in How-To, Remote, Terminal and tagged how to remote into another computer in linux, how to SSH, Linux, remote access, SSH into another linux machine. Bookmark the permalink. 4 Comments.