Now you can start the SSH daemon by running

/etc/rc.d/init.d/sshd start (Red Hat) or  /sbin/init.d/sshd start (SuSE)

To check whether SSH is running, telnet to port 22 on your machine. You should see the following.

Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
SSH-1.99-OpenSSH_2.3.0p1

Usage

The first thing that each user needs to do is create a public/private key pair. This is done using the ssh-keygen program.

ssh-keygen -d

The command ssh-keygen on its own is enough to prepare an RSA key for use. The '-d' option makes a DSA key instead, for use with SSH2. You will be asked for the filename to store the key as. This allows you to have different private/public key pairs for the various hosts that you will be connecting to. The private key will be saved as the file you specify in $HOME/.ssh/filename (default: 'identity' for RSA keys and 'id_dsa' for DSA keys) and your public key will be stored with the '.pub' extension added to it. You will also be asked for the passphrase, which is used to encrypt the private part of your key further. You could do without one but for those paranoid about security, this is a must.

Ssh is quite easy to use. As a replacement for telnet, it has a myriad of options and is very flexible.

ssh hostname

This is the most basic usage: making a secure connection to a host. If this is the first time that you are connecting to the host, you will be prompted with the following message

The authenticity of host 'hostname' can't be established.
RSA key fingerprint is 3b:60:57:4e:6c:59:5a:99:cf:41:d5:e0:14:af:0d:a1.
Are you sure you want to continue connecting (yes/no)?

Type a full 'yes' to add the host key to your list of known hosts. These are stored in a file under $HOME/.ssh/known_hosts.

You will then be prompted for the password after which the connection proceeds.


A better command-line that you are likely to use is

ssh -C -i identity_file user@host [command]

-C - Use compression. Definitely a very good idea over a modem link.

-i - If you are using multiple public/private keys for various hosts, you need to specify the one to use for the current connection. This should point to the private key to be used.

user - The user you want to connect as.

host - The host you want to connect to.

command - This is the command to run after connecting. You can use this to directly run a command off the host you are connecting to.

If you would like a lot more information as the connection progresses, you can add a '-v' to put ssh into verbose mode.

SSH also provides you with a way to connect to the other host *without* using passwords. Just copy your public key file, whether RSA or DSA, over to the server that you will be connecting to. On the server, you then need to add this to the file $HOME/.ssh/authorized_keys (RSA keys go here) or to $HOME/.ssh/authorized_keys2 (DSA keys go here). Now just run the normal SSH command and you should directly enter your home directory on the server. You will probably be prompted for the password the first time but thereafter you can connect without entering your password.
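
The server-side step described above, as an added example that is not part of the original article: a shell function (install_pubkey is a hypothetical name, not an OpenSSH tool) that appends the copied public key to the authorized_keys file only once, refuses a private key file, and keeps the directory and file owner-only, which sshd's StrictModes setting expects.

```shell
# Added example: run on the server after the .pub file has been copied over.
# Usage: install_pubkey ~/id_dsa.pub "$HOME/.ssh" authorized_keys2
# The body is a subshell "( ... )" so the umask change and the exit calls
# stay inside the function and do not affect the calling shell.
install_pubkey() (
    pub=$1                                # public key file copied from the client
    ssh_dir=${2:-$HOME/.ssh}              # per-user SSH directory on the server
    auth=$ssh_dir/${3:-authorized_keys}   # pass authorized_keys2 for DSA keys

    [ -r "$pub" ] || { echo "cannot read $pub" >&2; exit 1; }

    # Refuse a private key: both the PEM format and the SSH1 'identity'
    # format carry the words "PRIVATE KEY" in their header.
    if grep -q 'PRIVATE KEY' "$pub"; then
        echo "$pub looks like a private key; install the .pub file" >&2
        exit 2
    fi

    # A public key file holds exactly one non-empty line.
    [ "$(grep -c . "$pub")" -eq 1 ] || { echo "expected one key line" >&2; exit 3; }

    umask 077                             # anything created below is owner-only
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" || exit 4
    touch "$auth" && chmod 600 "$auth" || exit 4

    # Append only if this exact line is not already present, so running
    # the function twice does not duplicate the entry.
    key=$(grep . "$pub")
    grep -qxF -- "$key" "$auth" || printf '%s\n' "$key" >> "$auth"
)
```
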

Secure File Transfer

Ssh also provides you with a secure way to transfer your files over the Internet. The program to use here is scp (Secure Copy). Scp syntax is also very basic.

scp user@host:filename user@host:filename

To copy a local file to another host using ssh

scp freeos.gif mayank@foo.com:

This will copy the file freeos.gif in the current directory to user mayank at host foo.com. The ':' at the end of the destination is required because otherwise scp will copy the file to one named mayank@foo.com.

To copy from a remote host to your local directory

scp mayank@foo.com:freeos.gif .

This will copy the file freeos.gif from user mayank's home directory at foo.com to the local directory.

There is also a '-r' option for recursive copying of files across directories.

User configuration

The default OpenSSH configuration will work for everyone. You will find the system-wide configuration files in /etc/ssh or, if you left it at the default, in /usr/local/etc. There will be two configuration files here, ssh_config and sshd_config. The file ssh_config sets the options for the ssh client program that you will be using. The second file, sshd_config, is the SSH daemon configuration file.

 
