In this article, we’ll cover some basics of how to work with SSH command line tool as well as show you some examples of how I use it on production environments.
Some information from Wikipedia:
Secure Shell (SSH) is a cryptographic network protocol for secure data communication, remote command-line login, remote command execution, and other secure network services between two networked computers that connects, via a secure channel over an insecure network, a server and a client (running SSH server and SSH client programs, respectively).The protocol specification distinguishes between two major versions that are referred to as SSH-1 and SSH-2.
The best-known application of the protocol is for access to shell accounts on Unix-like operating systems, but it can also be used in a similar fashion for accounts on Windows. It was designed as a replacement for Telnet and other insecure remote shell protocols such as the Berkeley rsh and rexec protocols, which send information, notably passwords, in plaintext, rendering them susceptible to interception and disclosure using packet analysis. The encryption used by SSH is intended to provide confidentiality and integrity of data over an unsecured network, such as the Internet.
2 Linux machines networked together.
SSH Client and Server versions – openssh-clients package is included in the default installations of most Linux distributions, the server version can be download from the EPEL repository, please follow our guide of how to add EPEL repository into your machine in order to do so.
We will focus on 3 topics:
- Opening a SSH session to a remote machine
- Transferring files using SSH
- Executing commands on remote machines using SSH
Opening a SSH session to a remote machine
The SSH command line to open a session to a remote machine is called ssh.
The syntax is:
In this case, you will open a SSH session using your currently logged in user as a user for the remote machine,
the SSH command will interpret the command to:
[root@geek-kb ~]# whoami root [root@geek-kb ~]# ssh client root@client's password:
In this example, you can see how the SSH client automatically opened a session using the current logged in user – root .
The more common use of the SSH command will include the username on the remote machine you intend to connect to, like so:
[root@geek-kb ~]# ssh itaig@client itaig@client's password: itaig@itaig-lt:~$
In this example you can see how I logged in successfully using the username I specified in the command – itaig .
On the first time you will connect to a remote machine, you will be asked to approve the remote machine’s RSA key, type yes to approve it, like so:
[root@geek-kb ~]# ssh root@client The authenticity of host 'client (10.0.1.6)' can't be established. RSA key fingerprint is 39:49:a7:27:27:95:9b:16:ae:27:fa:5d:79:da:e5:49. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'client,10.0.1.6' (RSA) to the list of known hosts. root@client's password: Welcome to Ubuntu 13.10 (GNU/Linux 3.11.0-14-generic x86_64) root@itaig-lt:~#
Transferring files using SSH
There are two main command line tools which allow you to transfer files securely: scp and sftp.
1. scp is a non-interactive command-line which takes a file or a set of files to copy on the command line, copies them and exits.
2. sftp is an interactive command which opens a persistent connection where multiple copy commands can be performed through.
In order to copy one or more local files to a remote machine, the scp syntax would be:
scp local_file(s) username@hostname:destination_directory (absolute path aka /home/itaig/directory
[root@geek-kb ~]# scp geek-kb.log itaig@client:/home/itaig/Desktop itaig@client's password: geek-kb.log 100% 0 0.0KB/s 00:00 [root@geek-kb ~]#
In this example you can see that the file was transferred successfully and the speed it reached the remote machine in KB/s .
In order to copy more than one file, simple specify the file names in the command, like so:
scp 1.file 2.file 3.file username@hostname:/destination/directory
[root@geek-kb ~]# scp 1.file 2.file 3.file itaig@client:/home/itaig/ itaig@client's password: 1.file 100% 0 0.0KB/s 00:00 2.file 100% 0 0.0KB/s 00:00 3.file 100% 0 0.0KB/s 00:00 [root@geek-kb ~]#
In order to copy a whole directory to a remote machine using the SSH command add the -r prefix, like so:
scp -r test_folder username@hostname:/destination/directory
[root@geek-kb ~]# scp -r test_folder/ itaig@client:/home/itaig/ itaig@client's password: 3.file 100% 0 0.0KB/s 00:00 1.file 100% 0 0.0KB/s 00:00 2.file 100% 0 0.0KB/s 00:00 [root@geek-kb ~]#
In order to copy files from a remote machine to your own using the SSH command:
scp username@hostname:/path/to/file /local/destination
[root@geek-kb ~]# scp itaig@client:/home/itaig/test_file /root/ itaig@client's password: test_file 100% 0 0.0KB/s 00:00 [root@geek-kb ~]#
sftp is an interactive command which uses the same syntax as a standard command-line ftp client. It differs from a standard ftp client in that the authentication and the data transfer happen through the SSH protocol rather than the FTP protocol. The SSH protocol is encrypted whereas the FTP protocol is not.
There are a number of basic commands that are used inside of stfp:
- put filename : uploads the file filename
- get filename : downloads the file filename
- ls : lists the contents of the current remote directory
- lls : lists the contents of the current local directory
- pwd : returns the current remote directory
- lpwd : returns the current local directory
- cd directory : changes the current remote directory to directory
- lcd directory : changes the current local directory to directory
The syntax for calling sftp is:
Example of a sftp session:
[root@geek-kb ~]# sftp itaig@client Connecting to client... itaig@client's password: sftp> cd test_folder sftp> ls -l -rw-r--r-- 1 itaig itaig 0 Jan 6 18:26 1.file -rw-r--r-- 1 itaig itaig 0 Jan 6 18:26 2.file -rw-r--r-- 1 itaig itaig 0 Jan 6 18:26 3.file sftp> ls 1.file 2.file 3.file sftp> put 4.file Uploading 4.file to /home/itaig/test_folder/4.file 4.file 100% 0 0.0KB/s 00:00 sftp> ls -l -rw-r--r-- 1 itaig itaig 0 Jan 6 18:26 1.file -rw-r--r-- 1 itaig itaig 0 Jan 6 18:26 2.file -rw-r--r-- 1 itaig itaig 0 Jan 6 18:26 3.file -rw-r--r-- 1 itaig itaig 0 Jan 6 18:36 4.file sftp> get 1.file Fetching /home/itaig/test_folder/1.file to 1.file sftp> lpwd Local working directory: /root sftp> pwd Remote working directory: /home/itaig/test_folder sftp> bye [root@geek-kb ~]#
Executing commands on remote machines using SSH
In order to run a command on a remote machine using SSH, simply specify your command in double quotes (” “) in the end of the ssh command, like so:
ssh username@hostname "command"
itaig@itaig-lt:~$ ssh root@geek-kb "service httpd status" httpd (pid 9130) is running... itaig@itaig-lt:~$
If you want to avoid entering your passwords time after time when connecting to remote machines while using ssh / scp / sftp , follow our How To: Allow auto login between Linux machines article.
I hope you like this article, please feel free to leave comments or ask questions.