Cognitionis
The little I know
Home Blog Explorer Bibliography About me Login

SSH - Remote Linux Access


Secure Shell or SSH is a network protocol that allows data to be exchanged over a secure channel between two computers. It uses public-key cryptography to authenticate the remote computer and allow the remote computer to authenticate the user, if necessary.

SSH is typically used to log into a remote machine and execute commands, but it also supports tunneling, forwarding arbitrary TCP ports and X11 connections; it can transfer files using the associated SFTP or SCP protocols. An SSH server, by default, listens on the standard TCP port 22.

An SSH client program is typically used for establishing connections to an SSHD daemon accepting remote connections.

Installation: sudo apt-get install ssh
Usage: ssh hostname or ssh user@hostname
To be able to execute X11 commands you have to use -X option (ie.: ssh -X user@altea.dlsi.ua.es)
To use -X ssh configuration (/etc/ssh/sshd_config) must contain:
X11Forwarding yes
X11DisplayOffset 10
After making any change you should restart ssh (/etc/init.d/ssh restart )

When “remote host identification has changed” error apears you can solve it by deleting $HOME/.ssh/known_hosts file.

You have to configure somethings… see: (export display)
http://mcuser.valencia.edu/ca/art.php?art=ard&pag=rx11.html

Trick: if you want to execute Firefox remotely you have to kill it first using killall -9 firefox-bin

Use SCP to transfer files: scp file usr@hostname:

TRICK: It’s better to transfer compressed files containing whatever we want to transfer but when not possible use scp -r to copy entire directories recursively.

Screen, such an util application. You can close ssh shell and mantine the session active (but you can’t turn off your machine).

Execute in background to avoid killing programs executed in a ssh session on closing (&).
Is not enough to use & you should use nohup as well (example: nohup wget “link_ftp” &). Explanation

When you logout fom bash it throws a hup to all client jobs killing them. To avoid this you can use shopt to view shell options and notice that huponexit is on. The trivial solution is to turn it off by shopt -u huponexit (-s to re-activate).

SSH through PHP

Two different options are the best I’ve found to use SSH in PHP:

  1. Using ssh2 php module (requiring libssh2).
  2. Using expect to login like if we were in a shell.

SSH through Bash shell script

The script basically needs to run only the following command:
ssh user@host command
where “command” is a program (script) on the remote host to create new squid config, stop squid and restart it.

To be able to automatically login using SSH, you should put the public key of your host in ~user/.ssh/authorized_keys file on the remote machine.

Users can set up SSH so that they have passwordless ssh access to DreamHost servers.

On your home computer, you must generate an RSA private key:

ssh-keygen -t rsa

It will prompt you for three things, hit enter to accept the default on all three.

Next, you must copy your public key to DreamHost’s server. Replace user and example.com with your username and domain name, respectively.

scp ~/.ssh/id_rsa.pub user@example.com:~/

Now you must ssh to your account (using your password):

ssh user@example.com

Now append the public key to your authorized keys file and delete the file you uploaded:

mkdir .ssh
cat id_rsa.pub >> .ssh/authorized_keys
rm id_rsa.pub

Now make sure permissions are set properly for all necessary files and directories:

chmod go-w ~
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys


Another way to do it (useful when you do not have permisions or you do not have ssh-keygen) is:

Generate a pair of keys wherever: ssh-keygen.
Then copy the private key in the source machine: cp key ~/.ssh/rsa_id
After that include public key in authorized_keys of destination machine: cat key.pub >> authorized keys

That's it!~/.ssh/

 
©2008 Cognitionis - Hector Llorens