Understanding SSH and SCP Protocols in Linux Operating System

What is SSH?

SSH (Secure Shell) is a protocol that lets you open a remote terminal or shell session on any Unix-based server and execute commands, according to the permissions of the account you log in to. The primary advantage of SSH over other protocols, including telnet, is that everything you do during the session is encrypted, so anyone watching at any point between you and the remote host will see only unreadable text.

Note: SSH stands for Secure Shell. Every SSH session is encrypted and requires authentication. It provides a safe and secure way of exchanging commands and configuring services remotely. Another important point is that when you connect to a remote server using SSH, you log in using an account that exists on the remote server.

Note: The default port number for the SSH protocol is 22.

An overview of how SSH works

1. When an administrator connects to the remote server using SSH, they are dropped into a shell session (usually bash) where they can execute commands. Only a text-based interface is available. Whatever commands you type in your local terminal are sent through an encrypted SSH tunnel and then executed on the server.

2. The SSH connection is based on the client-server model. This means that for an SSH connection to be established, the remote server must be running the SSH daemon (sshd). This daemon listens for connections on a specific port, authenticates the connection request, and allows the connection if the user provides the correct credentials.

3. The client system must have SSH client software. This software knows how to communicate using the SSH protocol and supplies information such as the remote host, the username to use, and the credentials to pass for authentication.

How does SSH Authenticate users?

1. Most clients authenticate with a password, which is less secure and not recommended. Use SSH keys instead, which are a very secure way to connect.

2. SSH keys are sets of cryptographic keys that can be used for authentication. Each set contains a public key and a private key.

Public key: It is made available to everyone and can be shared with anyone without concern.

Private key: It must remain confidential to its owner.

Note: Whatever is encrypted with a public key can only be decrypted by its corresponding private key.

Here is how SSH key-based authentication works behind the scenes:

To authenticate using SSH keys, the user must have an SSH key pair on their local system. On the remote server, the public key must be copied to a file in the user's home directory at ~/.ssh/authorized_keys. This file contains a list of public keys, one per line, that are authorized to log in to this account.

When a user connects to a host and wishes to use SSH key-based authentication, the client informs the server of this request and tells the server which public key to use. The server then checks its authorized_keys file for the public key, generates a random string, and encrypts it using the public key. This encrypted message can only be decrypted with the associated private key. The server then sends this encrypted message to the user to test whether they actually have the associated private key.

Upon receipt of this message, the client decrypts it using the private key. The two values are then compared, and if they are the same, the connection is allowed. This is how SSH key-based authentication works.
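
Installing the public key on the server, as described above, written as a script (an added example, not part of the original article). authorize_key is a hypothetical helper and the key line in the demo is constructed, not a usable key; the permissions it sets are the ones sshd's StrictModes check expects.

```shell
#!/bin/sh
# Added example, not from the original article. authorize_key is a
# hypothetical helper; it is meant to run as the account owner on the server.

# authorize_key PUBKEY_FILE [HOME_DIR]: add one public key to
# HOME_DIR/.ssh/authorized_keys, one key per line, without duplicates.
authorize_key() {
    pub=$1; home=${2:-$HOME}
    # Expect exactly one "<type> <base64 blob> [comment]" line; a private
    # key file (many lines, different header) is refused.
    [ "$(wc -l < "$pub")" -le 1 ] || { echo "expected one key in $pub" >&2; return 1; }
    key=$(cat "$pub")
    case $key in
        ssh-ed25519\ AAAA*|ssh-rsa\ AAAA*|ecdsa-sha2-*\ AAAA*) ;;
        *) echo "not an OpenSSH public key: $pub" >&2; return 1 ;;
    esac
    # With StrictModes (on by default) sshd ignores the key file when it or
    # its directory is writable by anyone other than the owner.
    mkdir -p "$home/.ssh" && chmod 700 "$home/.ssh" || return 1
    auth=$home/.ssh/authorized_keys
    touch "$auth" && chmod 600 "$auth" || return 1
    # Match on the base64 blob so a different comment is not a new key.
    blob=$(printf '%s\n' "$key" | awk '{ print $2 }')
    if awk -v b="$blob" '{ for (i = 1; i <= NF; i++) if ($i == b) f = 1 }
                         END { exit !f }' "$auth"; then
        echo "key already authorized"
    else
        printf '%s\n' "$key" >> "$auth"
    fi
}

# Demo with a constructed key line (not a usable key) in a scratch directory.
scratch=$(mktemp -d)
echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIConstructedExampleBlobOnly alice@laptop' > "$scratch/id.pub"
authorize_key "$scratch/id.pub" "$scratch" && cat "$scratch/.ssh/authorized_keys"
rm -rf "$scratch"
```
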

Now let us see how to connect to the remote server with SSH protocol

Ex:1 Connect to a remote server from the local server:

The basic syntax for this is as follows:

#ssh <remote server ip address or host name>

In this example, I use my two Linux servers for the demonstration.

Server details:

Server1 IP address:10.250.1.50/linuxvasanth.com-Located at USA

Server2 IP address:10.250.1.100/productionclient-Located at LONDON

Let us see how to connect to server2 from server1.

linuxvasanth.com #ssh   10.250.1.100

If this is the first time you connect to this server over SSH, you will be asked on your terminal to confirm the server's host key.

After you answer yes, the server is added to your list of known hosts (~/.ssh/known_hosts).

Every server has a host key, and the confirmation question is about verifying and saving that host key. The next time you connect to the server, SSH can easily verify that it is a trusted, known server. After the server authentication finishes successfully, it asks for a password.

Note: By default, SSH allows direct root login, so here you have to give the root user's password for the remote server (i.e. the root user on 10.250.1.100).

Now you can execute commands, configure services, and more. Here, for example, my task is to create a user account and password on the remote server.

The above output says the account has been created successfully on the remote server.

Once you are done with your task on the remote server, you can leave the session or disconnect by using the exit command.

To exit the connection

As you can see from the above output, after executing the “exit” command the remote server login session is disconnected and your terminal changes back to your local server session.

Ex 2: How can I log in as a normal user to a remote server?

In the first example I explained how to log in to the remote server as the root user. As you know, SSH allows direct root login to the remote server by default. If you want to connect to the remote server as a non-root user, use the following syntax.

Note: Check the non-root user account exists or not on the remote server before you start.

Syntax:

linuxvasanth.com #ssh non-rootuser@remoteserverip
linuxvasanth.com #ssh john@10.250.1.100

After you enter the password for the user john, you are connected to the remote server's terminal session as follows

If you then want to gain root access, you can use the switch user command “su” to switch between multiple user accounts, as follows

To disconnect the session, you first need to log out from the accounts you have connected to, as follows

How to change the default SSH Port number?

To help protect your server from anonymous attacks, you can change the default port number to any other unused port number. Any user with a Linux server can change the SSH port number in the SSH configuration file (the default port number for SSH is 22).

The configuration file for SSH is /etc/ssh/sshd_config

All you need to do is edit this sshd_config file. Open the file with your preferred editor, but before that it is always good to take a backup of the original file before you make any changes to it.

#cp  /etc/ssh/sshd_config    /etc/sshd_config.original

Open the file with the vi editor

#vi   /etc/ssh/sshd_config

# $OpenBSD: sshd_config,v 1.80 2008/07/02 02:24:18 djm Exp $

# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.

#Port 22 -->default port number used for SSH now change this to your preferred port number
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

# Disable legacy (protocol version 1) support in the server for new
# installations. In future the default will change to require explicit
# activation of protocol 1
Protocol 2

# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
"/etc/ssh/sshd_config" 137L, 3848C

In the above file, look at the line #Port 22. The # tells the server to ignore anything after it on the same line, so we need to remove that character and put in the preferred new port number.

Note: Make sure you do not use a port number that is already in use. If you are unsure, check this: TCP/IP and UDP Port numbers and its uses

Try to use a port number that is not listed in the above link. Here I use port number 2222.

Note: You will also need to change the SSH port number to the new one in the firewall.

Now restart the SSH service as follows

After making any changes to the default configuration file, you need to restart the respective service for the changes to take effect. Here we have to restart the SSH service.

#service sshd restart

From now on, SSH will listen on the port number you have specified.
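
The port change above as a script (an added example, not part of the original article). listen_ports and set_sshd_port are hypothetical helper names; the script works on whatever file path it is given, so it can be tried on a copy first, and the sample file in the demo is constructed. Because sshd accepts several Port lines and listens on all of them, the helper also comments out any other active Port line so the old port does not stay open.

```shell
#!/bin/sh
# Added example, not from the original article. listen_ports and
# set_sshd_port are hypothetical helper names.

# Port may be repeated and sshd listens on every value given; with no
# Port line it listens on 22.
listen_ports() {
    awk 'tolower($1) == "port" { print $2; n++ } END { if (!n) print 22 }' "$1"
}

# set_sshd_port FILE PORT: back up FILE, then make PORT its only Port.
set_sshd_port() {
    conf=$1; port=$2
    # Digits only, no leading zero, at most five characters.
    case $port in
        ''|0*|*[!0-9]*|??????*) echo "invalid port: $port" >&2; return 1 ;;
    esac
    # Staying in 1024-65535 avoids the well-known ports (example policy).
    if [ "$port" -lt 1024 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2; return 1
    fi
    cp -p "$conf" "$conf.original" || return 1
    if grep -Eiq '^[[:space:]]*#?[[:space:]]*Port[[:space:]]+[0-9]+' "$conf"; then
        # First Port line (commented or active) becomes the new port;
        # any later active Port line is commented out.
        awk -v p="$port" '
            /^[ \t]*#?[ \t]*[Pp][Oo][Rr][Tt][ \t]+[0-9]+/ {
                if (!hit) { print "Port " p; hit = 1 }
                else if ($0 !~ /^[ \t]*#/) print "#" $0
                else print
                next }
            { print }' "$conf.original" > "$conf"
    else
        # No Port line: put one at the top, ahead of any Match block.
        { echo "Port $port"; cat "$conf.original"; } > "$conf"
    fi
}

# Demo on a constructed sample file (not a real server's configuration).
sample=$(mktemp)
printf '%s\n' '#Port 22' '#AddressFamily any' 'Protocol 2' > "$sample"
set_sshd_port "$sample" 2222 &&
    echo "sshd would listen on port $(listen_ports "$sample")"
rm -f "$sample" "$sample.original"
```

On a real server, run `sshd -t` after editing to check the file for errors before restarting the service, and keep your current session open until a login on the new port succeeds.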

Understanding SCP Protocol in Unix/Linux operating system:

SCP stands for Secure Copy. It is used to send files from the local server to a remote server (uploading) and to copy files from a remote server to the local server (downloading) securely. Secure means that all data is encrypted while it is transferred over the network.

SCP is installed by default on all Linux distributions as a part of the OpenSSH package.

Note: SSH is used to connect to the remote server with a text-based interface.

SCP is used to transfer files between different servers.

SCP uses the SSH port number 22 to establish connectivity between the servers.

Ex:1 How to transfer a file from the local server to a remote server

For this example, the syntax looks like this:

#scp  <FILE TO BE TRANSFERRED FROM LOCAL SERVER>  <USERNAME@REMOTE SERVER IP ADDRESS>:<DESTINATION PATH ON REMOTE SERVER>

Server1:10.250.1.50(Local server)

Server2:10.250.1.100(Remote server)

Now I am going to transfer a file from the local server to the remote server.

#scp  /documents root@10.250.1.100:/tmp

Note: /documents is the local server file to be transferred.

/tmp is the destination directory path on the remote server.

Once authentication is successful, the file is transferred to the destination path on the remote server. You will see the percentage reach 100, which indicates that all the data has been successfully transferred to the remote server.

Now, to verify, go to the /tmp directory on the remote server (10.250.1.100) and check whether the file /documents was saved successfully.

#cd  /tmp

#ls -t

Note: The -t option sorts the listing so that the most recently modified or created files are displayed first.

The above screenshot has confirmed the file has been successfully saved under /tmp directory of the remote server.

Ex:2 How to transfer a directory and all its contents from local server to the remote server?

To copy an entire directory, use the -r (recursive) option with the scp command, which selects the directory and all of its contents.

Syntax:

#scp  -v  -r  <Local server dir>   <user@remote server ip>:<remote server destination dir path>

You can also use the -v (verbose) option to view detailed output on your screen.

From Server1 (10.250.1.50), I am going to transfer the /mydatabase directory to the /myfolder path on the remote server.

As you can see from the above output, the mydatabase directory has some files and subdirectories.

#scp  -r  /mydatabase root@10.250.1.100:/myfolder

Note: If you forget the -r option while transferring an entire directory, you will get the error message that it is not a regular file; check the above screenshot.

Always use -r when transferring an entire directory to the remote server.

After you give the correct password, scp transfers the /mydatabase directory to the remote server directory /myfolder.

Now go to the /myfolder path on the remote server and confirm that the directory /mydatabase was transferred successfully.

#cd  /myfolder

#ls

As you can see from the above output, the entire directory /mydatabase and all its contents were successfully transferred from the local server to the /myfolder path.

 

Note: To copy files from the remote server to a local server path, use the same syntax in reverse, as follows:
#scp  username@remoteserverip:<remote serverfile>   <local server path>

I hope you now understand the SSH and SCP protocols and their uses in a production environment.
