Many thanks. This is a great tutorial. It helps to learn basic uses of ssh. I was looking for this. It saved my time from googling and reading long "man ssh" page.
One last thing,reading other mail from fedora-list I knew that I must be the ssh administrator for log-in using ssh.
How can I be the ssh administrator?Is it possible for me? Or is there any ssh server(free) where I can log-in using ssh without bothering about being ssh server administration or concerning of having an account in remote computer by the ssh administration.
--- On Sun, 6/7/09, Chris Tyler chris@tylers.info wrote:
From: Chris Tyler chris@tylers.info Subject: Re: ssh tutorial To: "Community assistance, encouragement, and advice for using Fedora." fedora-list@redhat.com Date: Sunday, June 7, 2009, 12:04 AM On Fri, 2009-06-05 at 23:39 -0700, gmspro wrote:
Would anyone tell how to use ssh command in brief?
Let me try my hand at a basic primer...
(1) SSH is used to login to a remote computer:
ssh user@computer
Or: ssh -l user computer
Where:
'user' is your username on the remote computer.
'computer' is the hostname of the remote computer, if it has a DNS A record or an entry in /etc/hosts, or the IP address.
Examples:
ssh jason@argonaut
Logs in as 'jason' on the computer 'argonaut', assuming that the IP address for 'argonaut' is listed in the /etc/hosts file. This approach might be used on a small home network.
ssh chris@global.proximity.on.ca
Logs in as 'chris' on the computer 'global.proximity.on.ca', where 'global.proximity.on.ca' has a correctly-configured DNS entry so it can be resolved into an IP address. This approach is used for almost all publicly-accessible machines.
ssh jane@172.16.16.1
Logs in as 'jane' on the computer with the IP address 172.16.97.1. With this approach you need to know the IP address but don't require an entry in /etc/hosts or a DNS A record. This approach might be used when initially setting up some machines on a network.
These commands will give you shell access on the remote machine, after you have provided your password.
Additional information:
- You can leave the username out if it's exactly the same
as the username under which you logged in to the local machine:
ssh global.proximity.on.ca
- You can add a command name if you want to run just one
command instead of accessing a shell. For example, to run 'who' on zenit.senecac.on.ca I could use:
ssh chris@zenit.senecac.on.ca who
- Adding the '-C' option (note the capital letter) turns on
compression. If you're going through a slow connection, this can improve performance. If you're on a local connection (LAN), don't bother.
- Adding the '-X' option (again, a capital letter) turns on
X11 forwarding. This lets you run a graphical command remotely and have it display locally, assuming that the local system has an X server (e.g., the local computer is running Linux/BSD/Solaris/AIX/... with a GUI, or it's running OSX or Windows and an X server has been started). For example:
ssh -XC chris@concord3 virt-manager
...will run the virt-manager application on concord3 and display the virt-manager graphical window on the local display. Note: in some situations, depending on the ssh server configuration, you may need to use '-Y' instead of '-X'. (Note that the -C option is also being used here; its use with -X is strongly recommended).
(2) You can use the related 'scp' secure copy utility (or, alternately, sftp) to transfer files to and from a remote system using ssh:
scp user@computer:/path/to/file name
This transfers /path/to/file from the account 'user' on the remote system 'computer' to 'name' on the local system. Note that this is the same syntax as the 'cp' (copy) command, except that 'user@computer' is placed in front of the source filename.
Examples:
scp chris@concord3:/etc/services c3s
The file /etc/services on concord3 (using account name 'chris') is transferred to the file 'c3s' in the local current directory.
scp chris@concord3:~/todo.txt .
The file 'todo.txt' in the home directory of user 'chris' on 'concord3' is transferred to the current directory ('.').
You can also transfer *to* a remote system, by putting the user@computer part in front of the destination file:
scp todo.txt jason@host3.example.com:/tmp/
The file 'todo.txt' on the local system (current directory) is transferred to the /tmp directory on the system 'host3.example.com' using the account 'jason'.
(3) See the ssh documentation for information on how to use ssh with public/private keys, eliminating the need to constantly retype the password.
Hope this is useful--
-- Chris Tyler
-- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
On Sat, 2009-06-06 at 17:26 -0700, gmspro wrote:
Many thanks. This is a great tutorial. It helps to learn basic uses of ssh. I was looking for this. It saved my time from googling and reading long "man ssh" page.
One last thing,reading other mail from fedora-list I knew that I must be the ssh administrator for log-in using ssh.
How can I be the ssh administrator?Is it possible for me? Or is there any ssh server(free) where I can log-in using ssh without bothering about being ssh server administration or concerning of having an account in remote computer by the ssh administration.
Like telnet, ssh works in a client-server fashion.
When one does telnet jason@argonaut, one is running the telnet client on one's PC. One is connecting to the telnet daemon (telnet server) on the computer, argonaut.
Similarly, when one does ssh jason@argonaut, one is running the ssh client on one's PC. One is connecting to the ssh daemon (ssh server) on the computer, argonaut.
To make this example concrete, let us first get specific information on a specific implementation of ssh. You might be using the ssh client from openssh. Please see the URL: http://openssh.com/ In the second paragraph, at the time of this message, they mention the ssh program, and they mention the program, sshd, calling sshd the server side of the package. The ssh program has a URL to the openbsd man page for ssh: http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1 The sshd program has a URL to the openbsd man page for sshd: http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8
Let's say the name of your computer is jefferson. You wish to connect to the remote computer, argonaut. On the remote computer, argonaut, is the account, jason.
On your computer, jefferson, you do the command, ssh jason@argonaut.
Your ssh client, on jefferson, will attempt to connect to the ssh server, running on the computer, argonaut. The user name, jason, needs to exist on the computer, argonaut. If you are supposed to give a password, the password will be the password used on the computer, argonaut.
The ssh server administrator controls the computer, argonaut. He must set up the account, jason, on the computer, argonaut. He must allow people to ssh to the account, jason, on argonaut. He will configure what types of authentications are permitted. He will configure if you can enter the password for the account, jason, to log-in, or you need public key authentication. He will configure other options.
I assume you are not the ssh server administrator for argonaut. I assume you do not control the computer, argonaut, in our example.
If you did control the computer, argonaut, and were trying to connect to the computer, argonaut, from another computer, you would need to know how to configure the ssh server running on argonaut. Configuring a ssh server incorrectly is a security risk. If you need to do this, I would suggest you find a person, you trust, who has configured ssh servers before, to help you do this.
You ask the question, could someone let you use ssh to connect to their computer without creating an account on their computer? The answer is no. They have to set up the account.
They might set up an anonymous or guest account that allows limited access for a specific purpose, but that account, be it anonymous or guest must be set up.
An anonymous account might be set up that lets you download publicly available source code for Linux using cvs. You wouldn't be able to do anything else. You wouldn't be able to use that account to do shell commands on their computer.
You wish to use ssh to connect to the remote computer so you can issue shell commands. This requires a higher degree of trust. The people controlling the computer, argonaut, need to be able to identify who you are. They need to be able to "trust" you are who you say you are.
-
gmspro -
Rick Sewill