Most servers in the world are run on Linux servers. They’re dependable, affordable and highly configurable. However, servers aren’t always accessed, nor accessible, directly. Hence they require remote access. While most local computers run on Windows there is a significant portion of users whose local machines are either Linux or Mac. It is with these individuals in mind that we prepared this tutorial.
The most frequently used, and secure, method of accessing servers remotely is via SSH, otherwise known as Secure Shell. Secure Shell is a cryptographic network protocol that works in a client-server architecture. Both ends of the connection are authenticated using a digital certificate and, as a protocol, it is robust enough to provide communication security over any network. Originally designed as a replacement for Telnet, it uses a command line interface with no GUI support and is used to communicate between computers. However, unlike Telnet, it provides secure communication using SSL (Secure Socket Layer) and can maintain any number of shell sessions over a single connection.
Using SSH to communicate with remote servers requires a command line interface. In a Windows system this would be provided by third party programs such as Putty. While there are third party SSH applications available for Linux and Mac, such as OpenSSH, SSH support is native in these operating systems and may be run from within the standard command line interfaces available for each. The command line interface for both, while slightly different for each, go by the same name: Terminal.
How to Connect to a Server by SSH using a Linux or Mac:
Note: Before you attempt a connection to a remote server you need to ensure that your server is configured to accept SSH connections. To do this, access the web console Control Panel of your server to gain access to its settings in order to configure it to accept such connections. Unless this is enabled your server will not accept SSH connections and the attempt will fail.
The following command syntax instructions apply to, and may be run from, the Terminal app in either Mac OSX or Linux.
In order to enter the commands we first need the command line interface provided by the Terminal program.
- To open Terminal in Mac
- Open Applications folder
- Open Utilities folder
- Select the Terminal Application
- To open a Terminal in Linux there are several methods
- Enter “Terminal” in the Search function
- Select it from the result(s).
- Dash (Ubuntu)
- Click Dash
- Select Applications (categories list)
- Select Terminal
Now that Terminal is open, and you have access to a command line, we may begin.
Logging into the Remote Server via Terminal
- Type the SSH command: ssh
- Include your user ID and IP address or URL, connected by the “@” symbol as the argument for the command.
- Assuming a user ID of “user1” and a URL of www.server1.com (18.104.22.168), the following syntax should be entered to connect to the server:
- ssh firstname.lastname@example.org
- ssh email@example.com
4. Hit Enter
- You will then be prompted for a password.
Note: When entering passwords via Terminal, you will not see any response reflected in Terminal while typing the password. Whereas Windows systems and websites will show placeholders for each entered character (E.g.: *******), entering passwords in Terminal shows nothing until you’ve entered the password and hit Enter. So don’t worry if you’re typing in your password but nothing’s happening on screen.
5. Enter your password and hit enter.
If you are successful, you should see an altered command prompt, similar to the following:
Remote Host Identification
If you had rebuilt your server, or this is the first time connecting to this server via SSH, then you will encounter the following warning message:
- Warning: Remote Host Identification has changed. (accompanied by other configuration details and host key information)
SSH uses the SSL (Secure Socket Layer) protocol. A part of the SSL security protocol is the establishment of public and private keys between remote servers and local computers connecting via SSH. This extra layer of security comes in handy, especially in the case of brute force password attacks.
SSH keys are a means of identification used when connecting to a remote server using public-key cryptography and challenge-response authentication. The public key is stored on the server and is used to encrypt data while the private key is held only on the user machine and is used to decrypt incoming/downloaded data.
When connecting to a server, that server’s public key is matched against a list of other known keys saved from previous connections to that IP address. These IP Address – Host Key pairs are stored in a SSH known_hosts file on the local computer. Each time a server is rebuilt then its host key changes.
Editing Host Keys
In the case of a rebuilt server, in order to remove obsolete host keys you should edit the known_hosts file by removing all lines which begin with your server’s IP address. The known_hosts file, on a Mac or Linux, should be located in the following location
The file may be edited in any text editor program.
For added security, log into your server’s web console Control Panel to confirm the server’s host key. You may use this to verify the host key when logging in.
Caution While Connecting via SSH
Note: If you attempt to log into a server, which you’ve logged into before via SSH, and receive the Remote Host Identification warning then you may be a victim of what’s known as a “Man-In-The-Middle” attack. If the returned host key does not match your records from what you recorded in the server Control Panel then do not proceed any further. Do Not Enter Your Password. This technique is used to surreptitiously acquire passwords to secure servers.