4.1.2 SSH
● Communicating between servers in a secure way, and
● Secure Shell (SSH) is the common solution
● The secure shell, or ssh, is a collection of tools that use a secure protocol for communications with remote Linux computers
● The ssh protocol is secure in two ways. Firstly, the connection is encrypted, and secondly, the connection is authenticated both ways. It
SSH
● SSH is a server/client protocol offering
– sshd as the server and the ssh and scp commands as the client.
– The client connects to the server, and they establish an encrypted session
● The implementation of SSH used on Linux systems is OpenSSH.
● SSH provides security by using secret keys generated in two ways:
– RSA (Rivest, Shamir, Adleman) – proprietary algorithm, default
– DSA (Digital Signature Algorithm) – open algorithm
● To generate an ssh private and public key pair:
# ssh-keygen
Start sshd
● The package names are openssh-server* and openssh-clients* for the server and client respectively. The server daemon is sshd.
# rpm -ivh openssh-server-7.4p1-16.el7.x86_64.rpm
● The configuration file is /etc/ssh/sshd_config
● To show sshd status, use the following command:
# systemctl status sshd
● To start sshd, use the following command:
# systemctl start sshd
● To enable the service at boot time, use the command:
# systemctl enable sshd
● To restart the SSH server, use the following command:
# systemctl restart sshd
ssh client
● The ssh command is used to open secure shell sessions with a server
# ssh [options] username@hostaddress [command]
– Can also be used to copy files or tunnel other data
– See man ssh for options
● Example
$ ssh lpiuser@192.168.1.1
lpiuser@192.168.1.1's password:
$ ls
bin
boot
dev
etc
home
lib
lib64
lost+found
media
scp client
● scp is used to copy files over ssh.
● The scp command transfers files from a remote host to the local system or from the local system to a remote host.
● It utilizes the ssh server for authentication and encrypted data transfer.
scp user@host:path/file user2@host2:path/file2
– user@host may be omitted for local files; the path is relative to $HOME
● Use the -r option to copy a directory and its subdirectories
● Example
$ scp root@192.168.1.1:/var/www/html/LPI /Users/Macbook/Shopping
scp (secure copy)
Example 1:
● Copy the /etc/hosts file from the remote server to the home directory of lpiuser
[root@server02]# scp root@192.168.1.1:/etc/hosts /home/lpiuser/serverhosts
Example 2:
● Here is an example of the reverse, copying a local file to a remote server.
[root@server02]# scp /home/lpiuser/serverhosts root@192.168.1.1:/etc/hosts.new
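Added example, not part of the original slides: a simplified shell model of how scp decides whether an operand in the user@host:path/file form is remote or local, run over the operands from the examples above. It assumes the classic user@host:path form only (no IPv6 brackets or scp:// URIs); the function name scp_operand and the backup:2024.tar operands are constructed for illustration.

```shell
# Classify one scp operand (simplified model, added for illustration).
# Prints either:
#   local|<path>
#   remote|<user or empty>|<host>|<path>
scp_operand() {
    arg=$1
    case $arg in
        :*) printf 'local|%s\n' "$arg"; return ;;    # leading colon: part of a file name
    esac
    before=${arg%%:*}                                # text before the first colon
    if [ "$before" = "$arg" ]; then
        printf 'local|%s\n' "$arg"; return           # no colon at all: local path
    fi
    case $before in
        */*) printf 'local|%s\n' "$arg"; return ;;   # a slash before the colon: local path
    esac
    path=${arg#*:}                                   # relative paths start at the remote $HOME
    case $before in
        *@*) user=${before%@*}; host=${before##*@} ;;
        *)   user=; host=$before ;;                  # user@ omitted: current login name is used
    esac
    printf 'remote|%s|%s|%s\n' "$user" "$host" "$path"
}

# Constructed operands: two from the examples above, two showing the colon rule.
for op in root@192.168.1.1:/etc/hosts /home/lpiuser/serverhosts \
          backup:2024.tar ./backup:2024.tar; do
    printf '%-30s -> %s\n' "$op" "$(scp_operand "$op")"
done
```

A local file whose name contains a colon has to be written with a path prefix such as ./ so that scp does not treat the part before the colon as a host name.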
Synchronize files and folders with rsync
● The rsync tool is used to securely copy files from one system to another. It differs from scp in that if two files or directories are similar between two systems, rsync only needs to copy the differences between the systems, while scp copies everything.
● The two most common options
– -a archive mode
– -v verbose
# rsync option source destination
Example:
The content of /var/log is synchronized into /tmp
[root@server02]# rsync -av /var/log /tmp
Exercise
● ssh into your ssh server.
● scp /etc/hostname from your ssh server into your ssh client.