From Wikiversity
Jump to navigation Jump to search

OpenSSH is a popular suite of software utilities implementing Secure Shell (SSH) protocol. OpenSSH includes the ability to set up a TCP secured channel and it is widely use as a replacement for not secured telnet and secure replacement of file transfers such as rcp and ftp. OpenSSH offers a great number of features including ssh session multiplexing. [1][2]

The OpenSSH suite includes the following command-line utilities and daemons:

  • ssh, ssh client and TCP secure replacement for rlogin, rsh and telnet to allow shell access to a remote machine.
  • scp, a replacement for rcp (Unix)
  • sftp, a replacement for ftp to copy files between computers
  • sshd, the SSH server daemon which allows shell access and file transfers to a remote machine.
  • ssh-keygen, a tool to inspect and generate the RSA, DSA and Elliptic Curve keys that are used for user and host authentication
  • ssh-agent and ssh-add, utilities to ease authentication by holding keys ready and avoid the need to enter passphrases every time they are used
  • ssh-keyscan, which scans a list of hosts and collects their public keys
  • ssh-copy-id, copy local keys to remote machine.

Readings[edit | edit source]

ssh clients[edit | edit source]

OpenSSH includes an ssh client:ssh. Others clients are available such us putty, mosh, paramiko and autossh[3].

autossh[4] main feature not include in OpenSSH ssh client is the capability to monitor an ssh connection and restart it if necessary.

  • Loop waiting to connect to server: AUTOSSH_POLL=5 AUTOSSH_GATETIME=0 autossh -M 0 -o ServerAliveInterval=5 -o ServerAliveCountMax=1 YOUR_SERVER_NAME_OR_IP

Ssh clients in Linux are frequently executed inside a terminal or using any kind of terminal multiplexer such as tmux or screen.

Activities[edit | edit source]

Basic[edit | edit source]

Intermediate[edit | edit source]

  • Learn about different client connection options, such us: -oBatchMode=yes or -o ConnectTimeout=2[7]
  • Connect to remote server temporarily turning off host key checking, (security implications): ssh -oStrictHostKeyChecking=no SERVER_NAME

Advanced[edit | edit source]

  1. Read ssh documentation about multiplexing and its implementation details:
  2. Configure ssh session multiplexing
  3. Use ProxyJump directive to connect using a "Jump Server"[8]
  4. Run a shell script on a remote machine using ssh: ssh root@MachineB 'bash -s' <[9]. See also: parallel
  5. Read source code

See also[edit | edit source]

References[edit | edit source]