Set Up SSH for Linux Login and File Copying
Goal: Create a secure way to simply copy/move files from one linux machine to another
Prerequisites: Access to a Linux console
SSH Keys are extremely useful way of security your Linux server. It is often considered best practices to have servers which have an internet accessible ssh connection disallow password authentication and use ssh authentication only. This drastically decreases the chance that your server gets hacked by any sort of brute force method. It also is a great way to have two linux based server communicate with each other. Whether it be copying files between two Linux servers, or setting up a synchronization job, ssh keys are the way to go to automate and secure these processes. Below I will outline how to go about creating these ssh keys and using them.
Adding SSH Keys
- Log in to the source machine that you eventually want to copy your files from
- Run the following command from your home directory
ssh-keygen -t rsa
- When prompted for a file in which to save the key, you can either specify a file name or leave it blank for it to default into the id_rsa key file. Also, here you will be prompted for a passphrase. If you want to be able to ssh/scp/rsync without using a password (as is often the case for cron jobs) you should leave the passphrase blank. After it is generated it will spit back a key fingerprint and some other information.
- Next we need to copy our public key to the destination server. This means you need to have an account that you know the username and password for on the destination server. We copy our key by running the following command:
ssh-copy-id -i ./.ssh/id_rsa.pub username@destinationserver
Note: id_rsa.pub is the name of your file you generated in step 2/3, username is the username of your account on the destination server, and destination server is the ip address or DNS A or CNAME record of your server.
- You will likely be prompted about the authenticity of the host and it will ask you if you want to continue connecting. Type yes
Note: For me I was not able to get by with just typing "y" I had to type out the full word. Also, if your home directory is not secure (IE if you have the permissions set to 775 or 777), you will need to modify the /etc/ssh/sshd_config file on your destination server and set "StrictModes No" so that this will work. If your security is set up properly this shouldn't be a problem.
- You sould now be set up with your ssh key and now we get to show you what cool things you can do with this.
Using SCP (Secure Copy) and Shell via SSH
- To run shell commands on your remote server from your "source" server you can use the following commands
ssh <destinationserver> "command"
Example: ssh server.exchangecore.com "ping google.com -n 8"
- You can also put yourself onto the server if you want to run a series of commands by using:
Note: To return back to your "source" machine use the exit command
- SCP is a very powerful tool when you need to move files from one server to another. While not as rubust as some other tools such as rsync, it still does the job just fine in many instances. SCP can be done by running the following command:
scp <sourceFilePath> <desginationServer>:/<destinationFilePath>
A really useful feature to scp is it's ability to pull files from the other server as well
scp <serverToPullFrom>:/<sourceFilePath> <destinationFilePath>
And there you have a quick overview on how to set up ssh (which can also be used for rsync) and on how to use ssh to access the shell cli on your newly connected server, as well as a brief introduction to using scp to move some files.