To establish an SSH connection between a local and a remote machine, there are two main ways to authenticate:
- Classic – login/password pair
- A little more complicated, but safe and reliable – using a pair of RSA keys to introduce yourself
Setup the remote side
Password login
Some Linux images, e.g. from OCI, have login/password access disabled by default, so the OS demands a key file to let the user log in. To enable password authentication, the corresponding parameter in the config file has to be added or modified:
sudo nano /etc/ssh/sshd_config
Find the PasswordAuthentication parameter and change the value to yes. If you are too lazy to enter the password and want to make a security breach in your system, refer also to the PermitEmptyPasswords parameter and google “linux user with empty password”. Restart the sshd service to apply the settings.
sudo systemctl restart sshd
OK, from now on any user with a defined password may log in with their own account credentials.
If there is trouble with users and passwords, refer to the corresponding cheatsheet.
RSA keys pair
[toDo]
Creation of the keys
ssh-keygen
Permissions: home dir – rwxr-*r-* (chmod go-w <home dir>); .ssh dir – 700; key file – 600; on the server side – authorized_keys – 600.
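The permission list above can be checked in one pass. The script below is an added example, not part of the original cheatsheet; the function names are made up for illustration, and it assumes private keys use the default ssh-keygen naming (id_* without .pub).

```shell
# Added example: audit the permissions listed above for one account.
# Usage: check_ssh_perms <home dir>; returns 0 when everything matches.

# Octal permission bits of a path (GNU stat, then BSD stat as a fallback).
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Compare a path against the exact mode given above; count mismatches.
expect_mode() {
    [ -e "$1" ] || { echo "SKIP $1 (not present)"; return 0; }
    actual=$(mode_of "$1")
    if [ "$actual" = "$2" ]; then
        echo "OK   $1 ($actual)"
    else
        echo "FAIL $1 is $actual, expected $2; fix: chmod $2 $1"
        issues=$((issues + 1))
    fi
}

check_ssh_perms() {
    home=$1
    issues=0
    [ -d "$home" ] || { echo "FAIL $home is not a directory"; return 1; }

    # Home directory: group and others must not have the write bit (chmod go-w).
    hm=$(mode_of "$home")
    if [ $(( 0$hm & 022 )) -ne 0 ]; then
        echo "FAIL $home ($hm) is writable by group/others; fix: chmod go-w $home"
        issues=$((issues + 1))
    else
        echo "OK   $home ($hm)"
    fi

    expect_mode "$home/.ssh" 700
    expect_mode "$home/.ssh/authorized_keys" 600

    # Private keys: every id_* file that is not a .pub public key.
    for key in "$home"/.ssh/id_*; do
        case $key in *.pub) continue ;; esac
        [ -f "$key" ] && expect_mode "$key" 600
    done

    [ "$issues" -eq 0 ]
}
```

Run it against the account's home directory on both the client and the server; authorized_keys is reported as SKIP where it does not exist.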
Registering keys in the system
Remote access procedure
Initial data for remote login
To connect to the remote Linux system, some credentials need to be known in all cases:
- IP address of the PC or server you are going to connect to
- The username existing on the remote system to log in with
- Some secret, like a password or the private key if an RSA key pair is registered on the remote host
Connect via Windows or Linux command shell
One general utility called ssh is used here for both Windows 10-11 cmd/PowerShell and the Linux command shell. The command format depends on the access method:
ssh <IP address/domain name>
– simple form, which leads to sequential prompts for the username and password.
ssh <username>@<IP address/domain name>
– log in with a defined user name; only the password will be requested.
ssh <username>@<IP address/domain name> -i <private key / key filename>
– log in using RSA key authentication. If all the credentials are all right, the login proceeds instantly without any input. If something is wrong with the keys but password authentication is allowed, the user password is prompted for.
During the first login you need to confirm that you trust the remote host; just type “yes” if you’re sure that you are connecting to the proper host.
If key auth doesn’t work: ssh <username>@<IP address/domain name> -i <private key / key filename> -vv
– displays a detailed report of the connection attempt
On the server side, check the logs:
/var/log/auth.log (Debian/Ubuntu)
/var/log/secure (RHEL/CentOS/Oracle Linux)
Connect via PuTTY
[toDo]