This is an old revision of the document!
−Table of Contents
SSH - network services
A guide about how to configure and use SSH in Ubuntu. The following questions will be answered in this guide:
* How to log into a remote machine?
* How to configure the login properly with an SSH key and a config file?
* How to transfer files from one machine to another?
Log into a remote machine
Different remote machines are usually used during the software development, like clifton, blueberry or the cluster fabulous. The most direct way to log into one of these machines is to open a terminal and to enter the following command:
ssh username@machine
For instance,
ssh boemer@clifton.ltas.ulg.ac.be
The terminal then asks for the password and the connection is established. One can then execute all kinds of commands on the remote machine. Finally, to leave the remote machine, the command exit has to be executed.
Always having to type the full username@machine specification as well as the password can become tiring in the long run. For this reason, it is explained in the following section how to log into a remote machine by a command as simple as the following one, without having to enter a password:
ssh clifton
Login configuration
In the first part of this section, it is explained how to log into a remote machine without a password. In the second part, the creation of a config file is explained.
SSH keys
SSH keys are similar to passwords. They can be created by the command ssh-keygen. During the creation of the key files, the user is asked to enter a keyphrase. This keyphrase is an additional password, which can be used with the key files. If you do, however, not want to add any further security, you can simply press Enter. The ssh-keygen then creates two files in the .ssh directory (in $HOME): a private identification key called id-rsa and a public verification key id-rsa.pub.
The public key has to be transfered to the remote machine by the command ssh-copy-id username@machine, e.g. ssh-copy-id boemer@clifton.ltas.ulg.ac.be. This command adds the alpha-numeric string in id-rsa.pub to the file .ssh/authorized_keys on the remote machine.
When you try to connect for the next time to the remote machine, no password will be asked since the ssh command compares your private key in .ssh/id-rsa with the public key in .ssh/authorized_keys on the remote machine. If the comparison is successful, the connection is established.
ssh boemer@clifton.ltas.ulg.ac.be ssh boemer@fabulous.ltas.ulg.ac.be
The easiest way to do so is to copy your private key id-rsa to the first remote machine, provided that the public key id-rsa.pub has already been trasfered to the second remote machine by the ssh-copy-id command. The private key is transfered to the first remote machine by the following command:
scp .ssh/id-rsa boemer@clifton.ltas.ulg.ac.be:.ssh/
.ssh folder are not sufficiently restrictive. To change these permissions execute the following command in the home directory
chmod -R 700 .ssh
This command sets the permission recursively for all files in the .ssh directory to read/write/execute only allowed by the user.
id-rsa on all machines. Notice that whoever has this key can access your machines. It is as if he had your password. So pay attention to not leave this file on machines accessible by poeple, which you do not know.
Config file
To log into a remote machine by typing
ssh clifton
instead of
ssh boemer@clifton.ltas.ulg.ac.be
a configuration file named config has to be created in the .ssh folder. In the previous example, this file should contain the following content:
Host clifton
HostName clifton.ltas.ulg.ac.be
User boemer
IdentityFile ~/.ssh/id_rsa
This file has to be copied into the .ssh folder of other machines, if the abbreviation should also work on these machines.
File transfer
Besides using FileZilla, files can also be directly transfered by SSH, or more precisely, by SCP, i.e. Secure Copy. For instance, the config file of the previous section can be copied onto another machine, say clifton, by the following command:
scp .ssh/config boemer@clifton.ltas.ulg.ac.be:.ssh/
Or, in short,
scp .ssh/config clifton:.ssh/