An Introduction to SSH
If you’re a Web developer, a system administrator or anyone else who needs remote access to a computer, you might want to try SSH.
SSH stands for Secure SHell. In the past, if you wanted to log into a system, you would have used Telnet. And for many years, that’s what people did. But there was one small problem. Telnet trasmitted information in plain text, including passwords. That meant someone who was up to no good could eavesdrop on the connections and steal passwords and usernames in order to break into the system. SSH is different because the connection is encrypted.
If you’re a geek who’s not intimidated by the command line, SSH is convenient, because it’s free, clients are installed on must Unixish systems, including Mac OS X, and it’s pretty secure, as mentioned previously. If you’re using Windows, you can download PuTTY, a free Telnet/SSH client. Most Unix systems use OpenSSH.
You can just jump in and use SSH by just logging in using ssh [email protected] or from PuTTY. The picture above shows me logged into SDF, a service that provides free shell accounts, from my MacBook Pro.
If you want to be able to log in without using a password, you can generate a key pair using ssh-keygen. This makes use of the concept of public key cryptography. You stash the public key on your remote host and SSH compares it with your private key on your computer and lets you log in without a password.
You can generate the key pair using ssh-keygen at the command prompt or from within PuTTY. You’ll have a choice of several encryption algorithms. The default, RSA, is pretty secure. You’ll also have the option of picking a passphrase, which is like a passwrod but can be a lot longer. If you want one, make sure to pick a passphrase that’s difficult to guess. If not, you can just hit enter.
When your key is generated, your public key should be in .ssh/id_rsa.pub in your home directory. (Note that it starts with a “.”) Copy the contents of this file in to the .ssh/authorized_keys on your remote system, and you can log in securely without being prompted for a password.
This should be enough to get you started logging into your computers over the Internet safely and securely. For some programs you might want to use with SSH, see our post titled 6 Best Text-Only Applications. SSH comes standard on a lot of Unix systems, so check out our post on 5 BSD-based operating systems (OpenBSD also currently maintains OpenSSH) and 6 Linux Distros to Run from a USB drive.