DevOps — Linux — SSH basics for SysOps (and beyond)
Introduction
If there’s one thing I use every day at work, it’s SSH (Secure Shell). And very often. So it’s natural for me to write this article.
Designed to replace the unencrypted communication protocols still in widespread use (led by rsh and Telnet), SSH appeared almost 30 years ago, offering encryption of data transmitted between client and server. It will enable SysOps to manage their machines remotely and securely.
With the widespread use of virtualization, cloud and outsourcing of servers indatacenters, SSH became an essential tool. Of course, to make the best use of it and guarantee a high level of security as an administrator, but also simply to save time. In the long term, saving even a few seconds on an operation you’re going to repeat countless times a day is much more than just a few seconds.
Unlike my previous article on systemd,which could be a bit long-winded, I’ve decided to divide the subject into three separate articles. In this one, we’ll be looking at how SSH actually works, and the various tricks I’ve picked up over the years.
The next article will focus on an SSH Bastion I’ve been using for many years. I can’t imagine going back in time and administering access without this tool.
And in the last article, we’ll look at encryption. In particular, we’ll explore how the protocol guarantees secure transmission without compromising the integrity or confidentiality of the information exchanged. In all honesty, this won’t really help you get the most out of SSH, but I think it’s an interesting subject to talk about. And therefore worth knowing.
Enjoy your reading!
How SSH works
Let’s start with a brief explanation of how SSH works. As mentioned in the introduction, SSH will enable you to take control of a remote machine (server) from your local machine (client). So, we’ll need several pieces of information about the server:
- user
- ip address or hostname
- port (default: 22)
On our local terminal, we can then enter the following command to access it:
$ ssh example-user@example-vm #…
![Milos Vasiljevic](data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg" width="40" height="40"><rect fill-opacity="0"/></svg>){kind=small}
![DevOps — Linux — Boot process](data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg" width="500" height="500"><rect fill-opacity="0"/></svg>)
