Connect to Linux with ssh
Date Published: 13 October 2022
If you have a linux VM you need to work on, the typical way to connect to it is with ssh. Here's how to get started.
What is ssh
The utility ssh is short for Secure Shell or Secure Socket Shell and is similar to the insecure terminal emulator telnet. You can use it to create a terminal session on a remote computer. If you're coming from a Windows background and are used to using remote desktop/RDP to connect to remote machines, ssh is a secure command line equivalent commonly used with Linux machines (and it is possible with Windows machines as well using OpenSSH server).
The basic way to use ssh is to simply specify the remote host. In this manner, once a connection is established, you will be asked for credentials (assuming the server is configured to allow this).
You can also pass your username with the initial command (specified before the host and separate with an '@' character):
A more secure way to configure ssh is with certificate-based authentication. The server can be configured to require this form of authentication, and will return a Permission denied (publickey) response if an attempt is made to connect without a key file.
The key file is typically a .pem file generated using a tool like OpenSSL. Assuming you have a keyfile, you specify it on the connection using the
ssh -i "~\.ssh\pems\secret.pem" email@example.com
This command will prompt: "Enter passphrase for key keyfile-path:"
Enter the correct passphrase associated with the keyfile, and assuming the associated username matches, you'll be authenticated and the connection will succeed.
Generating a pem keyfile with OpenSSL
First, make sure you have the
openssl program in your PATH. If you try to run it and the command isn't found, but you have git installed, you can use the one that ships with git. Just add this to your PATH and open a new terminal window:
Once you have openssl in your path, run this command to create a new self-signed certificate:
openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout key.pem -out cert.pem
This will generate both a certificate (public key) and a private key. They're just text files, so you can easily view their contents, which are labeled appropriately.
The remote server administrator will need to add the certificate to the server. When you connect with ssh, you will specify your private key (pem file) as shown above.
Assuming you enter the appropriate passphrase for the private key file, you should be able successfully connect, and you'll be greeted with the server's information and a command prompt.
Steve is an experienced software architect and trainer, focusing on code quality and Domain-Driven Design with .NET.