Learn all about installing and using OpenSSH on servers
In this article, we are going to learn about using OpenSSH on servers. But before we begin, let’s understand what OpenSSH is.
What is OpenSSH?
Open Secure Shell (OpenSSH), also known as OpenBSD Secure Shell, is a set of secure networking utilities based on the Secure Shell aka SSH protocol. This Secure Shell provides a secure channel over an unsecured network in a client-server architecture. First released in 1999, OpenSSH was originally developed as part of the OpenBSD operating system.
OpenSSH is a suite of programs and not a single computer program. The programs in the suite serve as alternatives to encrypted protocols such as File Transfer Protocol (FTP) and Telnet. OpenSSH can be integrated into several operating systems such as Windows, Linux and Unix. In fact, OpenSSH comes pre-installed with our Linux Hosting servers including Shared Hosting.
Features of OpenSSH
OpenSSH is a completely open-source project, not covered by restrictive licencing. This means that their code is available and accessible to everyone via the internet, so as to encourage the developers to reuse the same. Besides, it boasts of the following features:
- Strong cryptography: Encryption kicks in even before authentication begins. Also, no part of the information, including passwords, is transmitted.
- Strong authentication: This feature provides protection against several security problems such as IP spoofing and DNS spoofing, fake routes, etc. Some of the authentication methods used include one-time passwords, public key authentication, and authentication using Kerberos.
- Port forwarding: With the help of this feature, IP/TCP connections can be forwarded over to a remote machine with the help of an encrypted channel. This also helps secure insecure applications such as POP (Post Office Protocol).
- Agent forwarding: With the help of this feature, the user’s authentication keys can be held on the user’s local machine as opposed to storing the keys on other machines in the network. This is done with the help of an authentication agent that runs in the user’s local workstation or laptop.
- Optional data compression: With the help of this feature, the data is compressed before encryption, thus enhancing the performance for slow network links.
Installing an OpenSSH client
Before a secure remote desktop protocol is established with a remote machine, there are a few basic prerequisites that one must take care of:
- You need to turn on the remote computer and ensure that it has a steady network connection
- You need to install and enable the client and server applications
- You need to have the IP address or the name of the remote machine that you wish to connect to
- You need to have all the necessary permissions that are required to access the remote computer
- You need to make sure that the firewall settings are allowing the remote connection
For establishing an SSH connection, you will need two components: a client, and a corresponding server-side component. The client will use the provided remote host information for initiating the connection. Once the credentials are verified, the client will establish an encrypted connection.
OpenSSH comes pre-installed on various Linux versions. In order to install OpenSSH on Linux, you will first have to check whether the client is available on your system. For doing that, you will have to:
- Run the following command:
- On Ubuntu: sudo apt-get install openssh-client
- On CentOS: sudo yum install openssh-client
- Enter your superuser password when asked
- Select ‘Enter’ to complete the installation
This will help you in installing SSH on any machine that has the server-side application on it. You won’t be able to complete this procedure if you do not have the hostname, IP address, or the necessary authority required to get access.
Installing an OpenSSH server
In order to be able to accept SSH connections, the server-side part of the SSH software toolkit needs to be present on your machine. The steps for installation are as follows:
- Run this command to install the SSH server:
- On Ubuntu: sudo apt-get install openssh-server ii
- On CentOS: sudo yum install openssh-server
- Enter your superuser password when asked
- Press ‘Enter’ and ‘Y’ to allow the installation to proceed after the disk space prompt
All the required support files will be installed and you will be able to check the status of the SSH server on your machine by typing the following command:
sudo service ssh status
Now, that we’ve understood how to install OpenSSH. Here are a bunch of tips and tricks which can really help you with using SSH like a pro:
- SSH Tunneling
The web traffic from your local system can be directed to a remote SSH server for encrypting it so as to prevent other users on a public wi-fi system from looking into your data and content.
- Remembering the Public Key
Remembering the long string public key of the computer that you are using can be difficult, you can enable the ‘visual host key’ feature so that it is easier to remember the key. You can enable this feature by running the following command:
ssh -o VisualHostKey=yes user@host
- Keeping a Terminal Session Open
A new terminal session is produced and ended after each log in and log out, respectively. In order to keep the session open, you can use the GNU (GNU’s Not Unix) screen.
- Time-saving Combo Commands
In cases where you only need one command from a remote host, going through the log-in and exit process only for that can be quite a hassle. This can be avoided by combining the request with SSH.
- Using a Different Port Name for Logging In
If the standard port 22 (standard TCP port) at your environment is blocked for some reason and you are required to use another port at your location, you can use the following command –
$ ssh [email protected] -p 3307
Here, 3307 is the alternative port number instead of Port 22.
That’s all from this article! Hope you understood how to use OpenSSH on Linux and install it too. If you have any doubts or suggestions, then please feel free to share them in the comments section below to help out the community!