SSH & Remote Access
Learn how Linux systems are managed remotely using SSH and understand why SSH is one of the most important technologies in servers, DevOps, and cloud infrastructure.
Difficulty: Beginner
Estimated reading time: 60 min
Introduction
One of the most important moments in learning Linux is realizing:
Most Linux servers do not have a graphical interface.
In modern infrastructure, servers are usually:
- remote
- headless
- managed through terminals
- accessed over networks
This is where SSH becomes essential.
SSH allows you to:
- remotely control Linux machines
- manage servers securely
- deploy applications
- transfer files
- automate infrastructure
If Linux is the operating system of the internet:
SSH is the doorway into it.
What Is SSH?
SSH stands for:
Secure Shell
SSH is a protocol that allows:
Secure remote communication between systems.
With SSH, you can open a terminal session on another machine over the network.
Example:
ssh user@server
This creates an encrypted remote shell connection.
Why SSH Exists
Before SSH, systems often used:
Telnet
Telnet transmitted:
- passwords
- commands
- data
in plain text.
This was extremely insecure.
SSH solved this problem using encryption.
What SSH Provides
SSH offers:
| Feature | Description |
|---|---|
| Encryption | Secure communication |
| Authentication | Verify identity |
| Integrity | Prevent tampering |
| Remote shell | Terminal access |
| File transfer | SCP / SFTP |
| Tunneling | Secure forwarding |
SSH became the standard for Linux server administration.
Client and Server Model
SSH works using:
| Component | Purpose |
|---|---|
| SSH Client | Initiates connection |
| SSH Server | Accepts connection |
Usually:
- your laptop = SSH client
- remote Linux server = SSH server
The SSH Server
Linux systems usually run:
sshd
This is the SSH daemon.
It listens for incoming SSH connections.
Usually on port:
22
Installing OpenSSH
Ubuntu / Debian:
sudo apt install openssh-server
Fedora:
sudo dnf install openssh-server
Arch Linux:
sudo pacman -S openssh
Starting the SSH Service
sudo systemctl start ssh
Enable during boot:
sudo systemctl enable ssh
Check status:
systemctl status ssh
Connecting to a Remote Server
Basic syntax:
ssh username@server-ip
Example:
or:
First Connection Warning
On first connection:
The authenticity of host can't be established
SSH asks whether the server identity is trusted.
If accepted:
Host key gets stored locally
This helps prevent impersonation attacks.
Understanding Host Keys
SSH servers have cryptographic identity keys.
These keys prove:
The server is really who it claims to be.
Very important for security.
Password Authentication
Initially, SSH often uses passwords.
Example:
Password:
After successful authentication:
Remote shell opens
Why Password Authentication Is Weak
Passwords can be:
- guessed
- brute-forced
- leaked
- reused
Modern infrastructure strongly prefers:
SSH key authentication.
SSH Key Authentication
What Are SSH Keys?
SSH keys are cryptographic credentials.
They come in pairs:
| Key | Purpose |
|---|---|
| Private key | Secret, stays on your machine |
| Public key | Shared with servers |
Why SSH Keys Are Better
SSH keys are:
- more secure
- harder to brute-force
- easier to automate
- passwordless
Most professional Linux infrastructure relies on SSH keys.
Generating SSH Keys
Create keys:
ssh-keygen
Example output:
Generating public/private rsa key pair
Default Key Location
Keys are usually stored in:
~/.ssh/
Example:
| File | Purpose |
|---|---|
id_rsa |
Private key |
id_rsa.pub |
Public key |
Understanding the Warning
Never share:
id_rsa
This is your private key.
Sharing it is similar to sharing your password.
Public Key Distribution
Copy public key to server:
ssh-copy-id user@server
Now the server trusts your key.
Connecting with SSH Keys
After setup:
ssh user@server
works without passwords.
Authentication uses cryptography automatically.
How SSH Key Authentication Works
Simplified flow:
Client proves ownership of private key
↓
Server verifies against public key
↓
Access granted
Private keys never leave your machine.
The ~/.ssh Directory
Important SSH Files
| File | Purpose |
|---|---|
authorized_keys |
Trusted public keys |
known_hosts |
Remembered server identities |
config |
SSH client configuration |
authorized_keys
On the server:
~/.ssh/authorized_keys
contains allowed public keys.
If your public key exists there:
SSH login is allowed.
known_hosts
Client-side file:
~/.ssh/known_hosts
Stores server fingerprints.
This protects against man-in-the-middle attacks.
SSH Configuration
SSH Config File
Client configuration:
~/.ssh/config
Example:
Host myserver
HostName 192.168.1.50
User john
Now connect simply:
ssh myserver
Very useful for managing many servers.
Using Different Keys
Example:
Host production
HostName prod.example.com
User root
IdentityFile ~/.ssh/prod_key
Common in DevOps environments.
File Transfers with SSH
SCP
Secure file copy.
Upload file:
scp file.txt user@server:/home/user/
Download file:
scp user@server:/home/user/file.txt .
Recursive Directory Copy
scp -r project/ user@server:/var/www/
Very common during deployments.
SFTP
SSH also supports secure file transfer sessions.
Connect:
sftp user@server
Useful for interactive remote file management.
SSH Port and Networking
Default SSH Port
SSH usually runs on:
22
Check listening ports:
ss -tuln
Example:
LISTEN 0 128 0.0.0.0:22
Custom SSH Ports
Some administrators change SSH ports:
2222
2200
to reduce automated attacks.
Connect using:
ssh -p 2222 user@server
SSH and Security
Disable Root Login
Very common hardening practice.
Configuration:
/etc/ssh/sshd_config
Example:
PermitRootLogin no
Disable Password Authentication
Safer setup:
PasswordAuthentication no
This forces SSH key usage.
Restart SSH After Changes
sudo systemctl restart ssh
Be careful.
Incorrect SSH configs may lock you out remotely.
SSH Tunneling
What Is Tunneling?
SSH can securely forward traffic.
Example:
ssh -L 8080:localhost:80 user@server
Flow:
Local port 8080
↓
SSH tunnel
↓
Remote localhost:80
Very powerful for secure access.
Real Use Cases
SSH tunnels are commonly used for:
- databases
- internal dashboards
- Kubernetes APIs
- secure administration
SSH and DevOps
SSH Everywhere
SSH is foundational in infrastructure.
Examples:
| Technology | Uses SSH? |
|---|---|
| Cloud servers | Yes |
| Git deployments | Yes |
| CI/CD systems | Often |
| Ansible | Yes |
| Remote administration | Yes |
Even modern cloud-native systems still heavily rely on SSH.
Real-World Example
Deploying an Application
Typical workflow:
Connect to Server
ssh deploy@server
Pull Latest Code
git pull
Restart Service
sudo systemctl restart app
Check Logs
journalctl -u app -f
This is real Linux infrastructure work.
Common Beginner Mistakes
Wrong Permissions on SSH Keys
SSH is strict about permissions.
Fix:
chmod 600 ~/.ssh/id_rsa
Sharing Private Keys
Never share:
id_rsa
Only share:
id_rsa.pub
Forgetting Firewall Rules
If SSH fails:
- service may not run
- firewall may block port 22
Check:
systemctl status ssh
ss -tuln
Locking Yourself Out
Be careful when modifying:
sshd_config
Always test changes before disconnecting.
Linux Philosophy and Remote Access
SSH perfectly reflects Linux philosophy:
- text-based management
- remote administration
- automation
- composability
- security
Linux servers are designed to be remotely controlled efficiently.
This is one reason Linux scales so well in infrastructure.
The Bigger Picture
Once you understand SSH, Linux suddenly feels much larger than a single machine.
You begin understanding:
- remote infrastructure
- cloud servers
- deployments
- automation
- distributed systems
SSH is one of the technologies that transformed Linux from:
A personal operating system
into:
The backbone of the modern internet.
What Comes Next
In the next chapter, we will explore:
- cron jobs
- scheduling tasks
- recurring automation
- timers
- background execution
- Linux job scheduling
This is where Linux automation becomes autonomous.