Secure Shell, or SSH, is a protocol that allows you to log in to a remote server securely. In this tutorial, we will show you how to set up SSH login on your server.
What is SSH
Secure Shell (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. The best known example of SSH is for accessing shell accounts on remote servers, but SSH also refers to the suite of utilities that implement the SSH protocol.
SSH provides a secure channel over an insecure network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command-line login and remote command execution, but any network service can be secured with SSH.
The protocol specification distinguishes between two major versions, referred to as SSH-1 and SSH-2. The most visible application of the protocol is for access to shell accounts on Unix-like operating systems, but it sees some limited use on Microsoft Windows as well.
Why Use SSH
SSH, or Secure Shell, is a secure protocol and authentication mechanism used to access remote servers. SSH uses public-key cryptography to encrypt data being transmitted over the network, making it more secure than traditional protocols like FTP and Telnet.
There are many reasons to use SSH, but here are a few of the most important:
- Security: As mentioned above, SSH is much more secure than other protocols like FTP and Telnet. If you’re transmitting sensitive data, SSH is the way to go.
- Convenience: SSH can be used to automate tasks like backups and updates. You can also use SSH to tunnel into other networks, providing a secure way to access resources that might otherwise be inaccessible.
- Compatibility: SSH is available on virtually all operating systems, making it a convenient choice no matter what platform you’re using.
- Support: There’s a large community of SSH users and developers, so finding help or troubleshooting problems is usually just a Google search away.
How to Set Up SSH Login
- First things first, you need to have a server that you can connect to via SSH. If you don’t already have one, you can set one up by following our guide on how to set up an Ubuntu server.
- Once you have your server set up and you’re able to connect to it via SSH, the next thing you need to do is generate a public/private key pair. This will be used to authenticate your connection when you login.
- To generate a key pair, you can use the ssh-keygen command. Just run the following command on your local machine:
ssh-keygen -t rsa
This will generate a public key and a private key. The private key will be stored on your local machine and the public key will be uploaded to your server.
- Now that you have your key pair generated, the next thing you need to do is upload your public key to your server. The easiest way to do this is to use the ssh-copy-id command. Just run the following command, substituting in your own user and server information:
ssh-copy-id user@server
This will copy your public key over to your server and append it to the ~/.ssh/authorized_keys file.
- The last thing you need to do is edit the SSH configuration file on your server so that only key based authentication is allowed. To do this, open up the sshd_config file:
sudo nano /etc/ssh/sshd_config
And make sure that the following lines are uncommented and set to yes:
ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no
VerifyHostKeyDNS yes
StrictHostKeyChecking yes
- Once you’ve made those changes, save and close the file. Then restart the SSH service for the changes to take effect:
sudo systemctl restart ssh
Now try logging in to your server again using the ssh command. This time you should not be prompted for a password and you should be logged in automatically.