DevOps Tutorials - VegaStack
Please enter at least 3 characters
Jun 20, 2023 6 min read

SSH Command Usage with Examples

Understand the basics of SSH Command with our detailed tutorial. It is a secure and encrypted protocol used for remote login and data exchange between two networked devices.

Sumit Patel & Darshita Daga
SSH Command
Table of Contents

Introduction

Before we start with the tutorial, let's quickly understand – What is SSH Command?

SSH (Secure Shell) command is a secure and encrypted protocol used for remote login and data exchange between two networked devices. It provides a secure channel over an unsecured network, enabling users to securely access and control remote systems.

SSH commands allow users to execute various operations remotely, such as file transfers, running commands, and managing network services. By encrypting the connection, SSH ensures the confidentiality and integrity of data transmitted between devices. It is widely used in system administration, software development, and other fields requiring secure remote access.

This tutorial covers how to log in to a remote machine using the OpenSSH command-line client (ssh) and run commands or complete other tasks. We will also address a few FAQs on how to install MySQL on Ubuntu 20.04.

Advantages of SSH Command

  1. Secure Remote Access: SSH command provides encrypted and secure remote access to systems, protecting sensitive data from unauthorized access.
  2. Data Encryption: It encrypts the data transmitted over the network, ensuring confidentiality and preventing data interception or tampering.
  3. Authentication: SSH offers various authentication methods, including passwords, public-key cryptography, and two-factor authentication, enhancing security.
  4. Port Forwarding: SSH supports port forwarding, allowing users to securely access services on remote machines through encrypted tunnels.
  5. Remote Command Execution: SSH enables users to execute commands on remote systems, making it convenient for remote system administration and automation tasks.

Install OpenSSH Client

ssh is the name of the OpenSSH client application, which can be run from the terminal. Other SSH tools, such as scp and sftp, are installed alongside the ssh command in the OpenSSH client package.

Installing OpenSSH Client on Linux

Most Linux distributions come with the OpenSSH client preinstalled. You can use your distribution package manager to install the ssh client if it isn't already installed on your machine.

Installing OpenSSH on Ubuntu and Debian

sudo apt update
sudo apt install openssh-client

Installing OpenSSH on CentOS and Fedora

sudo dnf install openssh-clients

Installing OpenSSH Client on Windows 10

To connect to a remote machine through SSH, most Windows users use Putty. The most recent versions of Windows 10 do, however, have an OpenSSH client and server. Both programs can be installed using the graphical user interface (GUI) or PowerShell.

Type the following command to get the precise name of the OpenSSH package:

Get-WindowsCapability -Online | ? Name -like 'OpenSSH*'

The command should provide a result similar to this:

Output

Name  : OpenSSH.Client~~~~0.0.1.0
State : NotPresent
Name  : OpenSSH.Server~~~~0.0.1.0
State : NotPresent

Once you have the package name, use the following command to install it:

Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0

If you're successful, you'll get something like this:

Output

Path          :
Online        : True
RestartNeeded : False

Installing OpenSSH Client on macOS

The OpenSSH client is installed by default on macOS.

How to Use the ssh Command

To log into a remote machine through SSH, the following prerequisites must be met:

  • On the remote machine, an SSH server must be running.
  • The SSH port on the remote machine's firewall must be open.
  • The remote account's username and password must be known. For remote login, the account must have the appropriate privileges.

The ssh command's fundamental syntax is as follows:

ssh [OPTIONS] [USER@]:HOST

To use ssh, open a Terminal or PowerShell window and type ssh followed by the remote hostname:

ssh ssh.vegastack.com

When you initially connect to a remote machine using SSH, you'll receive a notice similar to the one below.

Output

The authenticity of host 'ssh.vegastack.com (192.168.121.111)' can't be established. ECDSA key fingerprint is SHA256:Vybt22mVXuNuB5unE++yowF7lgA/9/2bLSiO3qmYWBY.
Are you sure you want to continue connecting (yes/no)?

The ~/.ssh/known_hosts file has a unique fingerprint for each host.

If you want to save the remote fingerprint, you'll be asked for your password.

Output

Warning: Permanently added 'ssh.vegastack.com' (ECDSA) to the list of known hosts.

[email protected]'s password:

You will be logged in to the remote system after entering the password.

The ssh command uses the current system login name if no username is specified.

To log in as a different user, use the following syntax for the username and host:

ssh username@hostname

The -l option can also be used to specify the username:

ssh -l username hostname

When no port is specified, the SSH client will attempt to connect to the remote server on port 22 by default. Administrators are changing the default SSH port on certain sites to give an extra layer of security by minimizing the danger of automated attacks.

Use the -p option to connect to a port other than the default:

ssh -p 5522 username@hostname

Use the -v option to tell ssh to print debugging messages if you're having authentication or connection problems:

ssh -v username@hostname

Use -vv or -vvv to increase the level of verbosity.

There are several options available when using the ssh command.

By typing man ssh in your terminal, you can get a complete list of all options.

SSH Config File

If you use SSH to connect to many remote systems on a daily basis, you'll find it difficult, if not impossible, to remember all the remote IP addresses, different identities, non-standard ports, and other command-line arguments.

The settings set in the per-user configuration file (~/.ssh/config) are read by the OpenSSH client. You can save various SSH options for each remote machine you connect to in this file.

The following is an example of an SSH configuration:

Host dev
    HostName dev.vegastack.com
    User mike
    Port 4422

When you type ssh dev, the ssh client will read the ~/.ssh/config file and connect to the dev host using the connection information indicated in the file. ssh dev is equivalent to the following in this case:

ssh -p 4422 [email protected]

Public Key Authentication

Various authentication schemes are supported by the SSH protocol.

You can log in to the distant server using the public key-based authentication mechanism without having to type your password.

This approach generates a pair of cryptographic keys that are then used to authenticate the user. The private key is kept on the client device, while the public key is sent to each remote server you want to access. It's necessary to set up the remote server to accept key authentication.

You can generate an SSH key pair on your local machine if you don't already have one by typing:

ssh-keygen -t rsa -b 4096 -C "[email protected]"

You'll be prompted to provide a secure password. It's entirely up to you whether to use a pass.

Copy the public key to the remote server once you have your key pair:

ssh-copy-id username@hostname

The public key will be appended to the remote user authorized keys file once you enter the remote user password.

You can log in to the remote server without having to enter a password once the key has been uploaded.

You may make the login procedure easier and the server more secure by using key-based authentication.

Port Forwarding

SSH tunneling, also known as SSH port forwarding, is a mechanism for relaying services ports across an encrypted SSH connection between a client and a server system.

SSH forwarding is important for transmitting network data of services that employ an unencrypted protocol, such as VNC or FTP, for accessing geo-restricted content, and for getting over intermediate firewalls. Basically, any TCP port can be forwarded and traffic tunneled through a secure SSH connection.

SSH port forwarding can be divided into three categories:

Local Port Forwarding

Local port forwarding allows you to forward a connection from the client host to the SSH server host, which is then forwarded to the destination host port.

Pass the -L option to the ssh client to set up a local port forwarding:

ssh -L [LOCAL_IP:]LOCAL_PORT:DESTINATION_HOST:DESTINATION_PORT -N -f username@hostname

The -f option tells ssh to run in the background, while -N tells it not to run a remote command.

Remote Port Forwarding

It is the opposite of local port forwarding. It transfers a port from the server host to the client host, and then to the port of the destination host.

SSH is told to create a remote port forwarding with the -R option:

ssh -R [REMOTE:]REMOTE_PORT:DESTINATION:DESTINATION_PORT -N -f username@hostname

Dynamic Port Forwarding

Dynamic port forwarding establishes a SOCKS proxy server that permits communication over a variety of ports.

To set up a dynamic port forwarding configuration (SOCKS) pass the ssh client with the -D option:

ssh -D [LOCAL_IP:]LOCAL_PORT  -N -f username@hostname

FAQs About SSH Command

How does SSH ensure security?

SSH ensures security through encryption, authentication methods, and data integrity checks, providing a secure channel for remote access and data exchange.

Can SSH be used for file transfers?

Yes, SSH supports secure file transfers through protocols like SCP (Secure Copy) and SFTP (SSH File Transfer Protocol).

What authentication methods does SSH support?

SSH supports password-based authentication, public-key cryptography, and even two-factor authentication for enhanced security.

Can SSH be used for port forwarding?

Yes, SSH supports port forwarding, allowing users to securely access services on remote machines through encrypted tunnels.

Can SSH be used for remote command execution?

Absolutely! SSH allows users to execute commands on remote systems, making it useful for remote system administration and automation tasks.

Is SSH widely used in the industry?

Yes, SSH is widely used in various industries for secure remote access, server administration, software development, and network management.

Conclusion

Use the ssh command followed by the remote username and hostname (ssh username@hostname) to connect to a remote server through SSH.

When it comes to administering distant servers, knowing how to utilize the ssh command is vital.

If you have any queries, please leave a comment below and we’ll be happy to respond to them.

linux-commands
You might also like
linux-commands 10 min read

Linux Glossary

Explore our Linux Glossary for essential open-source operating system concepts, regardless of the expertise level.…
Sakshi .
yum 5 min read

yum command in Linux with Examples

In this tutorial, we will explain how to use the yum command, which is a package management tool to install, update and manage software packages.…
Sakshi .
Great! You’ve successfully signed up.
Welcome back! You've successfully signed in.
You've successfully subscribed to DevOps Tutorials - VegaStack.
Your link has expired.
Success! Check your email for magic link to sign-in.
Success! Your billing info has been updated.
Your billing was not updated.