ssh protocol

Want to read about ssh protocol because I have run into it a few times and want to find out how I could use it to benefit me.

Date Created:

References



Notes


The Secure Shell (SSH) Protocol is a cryptographic network protocol for operating network services securely over an unsecured network. Its most notable applications are remote login and command-line execution.

It was designed for Unix-like operating systems as a replacement for Telnet and unsecured remote Unix shell protocols. Secure Shell uses encryption mechanisms that are intended to hide the contents of the transmission from an observer, even if the observer has access to the entire data stream. A Finnish computer scientist, Tatu Ylönen, designed SSH in 1995 and provided an implementation in the form of two commands, ssh and slogin.

SSH applications are based on a client-server architecture, connecting an SSH client instance with an SSH server. SSH operates as a layered protocol suite comprising three hierarchical components: the transport layer provides server authentication, confidentiality, and integrity; the user authentication protocol validates the user to the server; and the connection protocol multiplexes the encrypted tunnel into multiple logical communication channels.

SSH uses public-key cryptography to authenticate the remote computer and allow it to authenticate the user, if necessary. SSH can be used in several ways. In the simplest, both ends of a communication channel use automatically generated public-private key pairs to encrypt a network connection, and then use a password to authenticate the user. When the public-private key pair is generated by the user manually, the authentication is essentially performed when the key pair is created, and a session may then be opened automatically without a password prompt. In this scenario, the public key is placed on all computers that must allow access to the owner of the matching private key, which the owner keeps private. While authentication is based on the private key, the key is never transferred through the network during authentication. SSH only verifies that the same person offering the public key also owns the matching private key.

On Unix-like systems, the list of authorized public keys is typically stored in the home directory of the user that is allowed to log in remotely, in the file ~/.ssh/authorized_keys. This file is respected by SSH only if it is not writable by anything apart from the owner and root.
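The following script is an added example, not part of the original notes. It approximates the ownership and mode test that OpenSSH's sshd applies when its `StrictModes` option is enabled. The function names `path_is_safe` and `audit_authorized_keys` and the throwaway home directory are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original notes): approximates the ownership and
# mode test sshd applies, with StrictModes enabled, before trusting authorized_keys.

# path_is_safe PATH UID: succeeds if PATH is owned by UID or root (uid 0)
# and has neither the group-write nor the other-write bit set.
path_is_safe() {
    p=$1; uid=$2
    [ -e "$p" ] || return 1
    # "ls -ldn" prints the mode string in field 1 and the numeric owner in field 3.
    info=$(ls -ldn "$p" | awk '{print $1 " " $3}')
    mode=${info% *}; owner=${info#* }
    [ "$owner" = "$uid" ] || [ "$owner" = 0 ] || return 1
    case $mode in
        ?????w*|????????w*) return 1 ;;   # char 6 = group write, char 9 = other write
    esac
    return 0
}

# audit_authorized_keys HOME_DIR UID: checks the home directory, ~/.ssh and the
# key file; prints each offending path and returns the number of failures.
audit_authorized_keys() {
    home=$1; uid=$2; bad=0
    for path in "$home" "$home/.ssh" "$home/.ssh/authorized_keys"; do
        if ! path_is_safe "$path" "$uid"; then
            echo "unsafe or missing: $path"
            bad=$((bad + 1))
        fi
    done
    return "$bad"
}

# Demo on a constructed throwaway home directory (hypothetical layout).
demo_home=$(mktemp -d)
mkdir "$demo_home/.ssh"
: > "$demo_home/.ssh/authorized_keys"
chmod 755 "$demo_home"; chmod 700 "$demo_home/.ssh"
chmod 664 "$demo_home/.ssh/authorized_keys"      # group-writable: should be flagged
audit_authorized_keys "$demo_home" "$(id -u)" || echo "failures: $?"
chmod 600 "$demo_home/.ssh/authorized_keys"      # corrected mode
audit_authorized_keys "$demo_home" "$(id -u)" && echo "all paths pass"
rm -rf "$demo_home"
```

To audit a real account, call `audit_authorized_keys "$HOME" "$(id -u)"`. The directories are checked as well because a writable parent directory lets another user replace the key file itself.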

SSH is typically used to log into a remote computer's shell or command-line interface (CLI) and to execute commands on a remote server. It also supports mechanisms for tunneling, forwarding of TCP ports and X11 connections and it can be used to transfer files using the associated SSH File Transfer Protocol (SFTP) and Secure Copy Protocol (SCP).

SSH uses the client-server model. An SSH client program is typically used for establishing connections to an SSH daemon, such as sshd, accepting remote connections. Both are commonly present on modern operating systems.


Common SSH Commands

| Description | Direct SSH Command | SSH Shell Command |
| --- | --- | --- |
| Connect as a specific user. | `ssh [username]@[hostname_or_IP]` | N/A |
| Connect using a non-standard port number. | `ssh -p [port] [username]@[hostname_or_IP]` | N/A |
| Disconnect from the remote session. | N/A | `exit` or `logout` |
| Generate SSH keys to streamline authentication. | `ssh-keygen -t rsa` | N/A |
| Copy the local SSH public key to the remote server's authorized_keys file. | `ssh-copy-id [username]@[hostname_or_IP]` | N/A |
| Copy a file from the local machine to a remote directory. | `scp [filename] [username]@[hostname_or_IP]:/remote/directory` | N/A |
| Copy a file from the remote server to the local machine. | `scp [username]@[hostname_or_IP]:/remote/file/path /local/directory` | N/A |
| Recursively copy a local directory to the remote server. | `scp -r /local/directory [username]@[hostname_or_IP]:/remote/destination` | N/A |
| Transfer files between systems via SFTP. | `sftp [username]@[hostname_or_IP]`, then `put local.file`, `get remote.file` | N/A |
| Compress and transfer a directory from local to remote server. | `tar -czf - /path/to/local/directory \| ssh [username]@[hostname_or_IP] 'tar -xzf - -C /path/to/remote/directory'` | - |
| Compress and transfer a remote directory to a local machine. | `ssh [username]@[hostname_or_IP] 'tar -czf - /path/to/remote/directory' \| tar -xzf - -C /path/to/local/directory` | - |
| Synchronize files from remote to local server. | `rsync -avz -e ssh [username]@[hostname_or_IP]:/remote/file.name /local/file.name` | - |
| Synchronize files from local to remote server. | `rsync -avz -e ssh /local/file.name [username]@[hostname_or_IP]:/remote/file.name` | - |
| List the contents of a remote directory. | `ssh [username]@[hostname_or_IP] 'ls -l /remote/directory'` | `ls -l /remote/directory` |
| Move or rename a file on the remote server. | `ssh [username]@[hostname_or_IP] 'mv /path/source/file /path/destination/directory'` | `mv [filename] /path/destination/directory` |
| Create a new directory on the remote server. | `ssh [username]@[hostname_or_IP] 'mkdir /path/new_directory_name'` | `mkdir /path/new_directory_name` |
| Delete a file on the remote server. | `ssh [username]@[hostname_or_IP] 'rm /path/to/file'` | `rm /path/to/file` |
| Change file permissions. | `ssh [username]@[hostname_or_IP] "chmod [permission] /path/to/file_or_directory"` | `chmod [permission] /path/to/file_or_directory` |
| Change file ownership. | `ssh [username]@[hostname_or_IP] "chown new_owner:group /path/to/file_or_directory"` | `chown new_owner:group /path/to/file_or_directory` |
| Check disk space usage on the remote server. | `ssh username@hostname_or_IP 'df -h'` | `df -h` |
| Monitor the syslog file on the remote server in real-time. | `ssh username@hostname_or_IP 'tail -f /var/log/syslog'` | `tail -f /var/log/syslog` |
| Monitor remote system performance using htop. | `ssh -t [username]@[hostname_or_IP] "htop"` | `htop` |
| Set up local port forwarding. | `ssh -L local_port:destination_server_ip:remote_port [username]@[hostname_or_IP]` | N/A |
| Set up remote port forwarding. | `ssh -R remote_port:localhost:local_port [username]@[hostname_or_IP]` | N/A |
| Set up dynamic port forwarding. | `ssh -D [local_port] [username]@[hostname_or_IP]` | N/A |
| Mount a remote directory on your local machine via SSHFS. | `sshfs [username]@[hostname_or_IP]:/path/to/remote/directory /path/to/local/directory` | N/A |
| Keep SSH connection alive. | `ssh -o "ServerAliveInterval=60" [username]@[hostname_or_IP]` | N/A |
