[ /ssh ]

Secure Shell instead of (or in addition to) using linux through a graphical interface.

A lot of the internet runs on Linux (or Unix-like systems in general), and a lot of the internet is not currently in the same physical location as you.

Why bother?

When you want to interact with far away computers somehow, you can use software that tries to portray the target computer's desktop (if it has one) on your screen, but latency is very likely going to make this an unpleasant process. SSH is still the most common way of interacting with distant computers. Anything you can do in a terminal on your own computer, you should be able to do on a remote computer. In my opinion, that's an indispensible feature.

If you're wondering why you would want to do this, there are many reasons. If you've heard of FTP you may already know it's possible to transfer files en-masse manually, without needing an intermediary service like Dropbox.

SFTP

A better option than FTP is SFTP, which uses SSH to transfer files in encrypted form.

This is old technology, and apart from its challenging interface (for some, I suppose) it is capable of doing everything that 'the cloud' is supposed to do, but without requiring you to trust a corporation. If you have a number of computers in different places, you can make your own cloud, and greatly improve your privacy.

there is no cloud, only other people's computer

The Windows operating system has a few half-assed options for the more common unix utilities, however, Unix and Unix-like systems put them center stage as critical components of a working system. Simple design decisions like building other tools on top of existing architecture are a major reason why I use Linux for all my computing needs.

I assume if you want to use SSH for something, you've already worked through my guide to using bash (linked above) for basic scripting. You should understand directory structure and notation. If you don't know about permissions yet, you're probably going to learn a few things.

Getting started

If you're trying to use ssh for the first time, hopefully you have two linux computers running already. We'll call one of them a 'Alice' (your client computer), and the other 'Bob' (the server).

Bob needs to have an ssh daemon installed for us to move ahead. If you are running a Debian-based system, open a terminal and run sudo apt-get install openssh-server. Once this is installed (unless you turn it off) it will always be running in the background. If you don't secure it, others may be able to log into your system as well. It is up to you to secure it.

If you are trying to operate a VPS, you have most likely been given credentials with which to connect.

If this is a second desktop or laptop you are trying to connect to, you will need to find this data yourself.

Connection Credentials

Port

SSH typically connects via port 22, though this is reconfigurable on the server side, and is not always the case. If the server you want to connect to is running on a non-standard port, you will have to specify what it is. If it's running on port 22, you can omit any mention of ports, and your ssh client should DTRT.

Usernames

Unix systems typically have a large number of users (though many of them will not actually be human users). Permissions are assigned to usernames. Root typically has access to the whole system, nobody has access to nothing, and so on. You probably want to connect to a username with permissions somewhere in the middle.

On your client computer, if you enter whoami, it will respond with your active user's name. If you try to connect to another system, and you don't specify a username, this is the username that it will use instead. I typically use the username ansuz all over the place, so that I don't have to specify it every time I want to log in.

If the remote system's username does not match your local username, you will have to know what it is.

Hostnames

Just as you were able to run whoami to find out your username, you can run hostname to find out the name of your system. As far as i know, there's no way to set a default for this data. You need to say who you want to connect to, though, it is possible to configure defaults for particular connections.

You will need to know Bob's username and domain to connect to him. You will also need to authenticate. SSH servers can do this a number of ways, the least secure is a password (which can be guessed), and the best is a large public/private keypair (which can also be guessed, though it would take a loooooooooong time).

To find Bob's username, you'll need to already have access to the system. If someone else is trying to give you access to their system, they will need to provide you with that information.

To find the hostname, consider whether you will be connecting across a local network, or across the/an internet. If the server is a website, it may have a domain like example.com. If you are connecting across a local network, run ip addr in Bob's terminal and look at whatever interfaces are present. They will each have an IP address. If the computer is plugged into the router directly via ethernet, look at the address in ETH0. Wifi connections will be under WLAN0 (or similar). You can even use your computer's TUN0 if you are running cjdns. Things are more complicated if the computer is out across the internet somehow. You should probably leave that alone for now, if you're totally new to this.

Connecting

Assuming you have all of this information, you should be able to connect by running the following in Alice's terminal:

ssh -p22 bob@example.com

That means 'Connect via secure shell to the user "bob" on the server referred to by the domain "example.com" on port 22'. There are other options you can provide, like -X for 'X forwarding' (remote desktop), but that often needs to be configured.

As stated above, port 22 is default and does not need to be specified.

More than likely, you don't have a domain set up, and you'll be using a raw IP address. This will look more like:

ssh bob@192.168.0.35

Domain names are simply substituted for numerical IP addresses, and have exactly the same function.

You'll be prompted for a password, enter Bob's usual password, and you will then be able to do anything to his computer remotely that you would be able to do locally.

Poke around, have fun!

ssh