📰 How SSH works

📅 October 15th, 2019 ⏲️ 2 mins 6 secs

OpenSSH is the premier connectivity tool for remote login with the SSH protocol. It encrypts all traffic to eliminate eavesdropping, connection hijacking, and other attacks. In addition, OpenSSH provides a large suite of secure tunneling capabilities, several authentication methods, and sophisticated configuration options. source

What is SSH

SSH is a secure Shell socket. It’s a network protocol that let’s us connect to a distant server with a secure tunnel. The SSH protocol provide a strong authentication and DATA encryption that let us transfer data securely.

It’s almost used by administrators to log and manage servers, send data from computers to another and to execute commands.
The SSH protocol use 22 port, but we can configure the SSH server to use another port.

the most use of SSH is to authenticate users because of it’s easy to use and hard to decrypt its algorithms. It’s based on public and private keys that client and servers communicate with.
And this is how it works:

Authentification to CA's server

Authentification to CA’s server

The SSH session may be a file transfer, a shell command and even a X Window session that allow to run graphic applications distantly.

The SSH protocol is included to many commands that allow us to run them securely on a distant server like, scp that allow is to copy files from server to another, sftp (Secure File Transfer Protocol) and Using the rsync has many advantages over scp, if you want to periodically backup a directory. rsync has the ability to recover from failed transfers and only copy differences between two locations saving bandwidth and time.

How to use it

If you want to administrate a VPS server, you should check that SSH is already installed on it by running:

ssh root@ip-of-the-server

The first run of this command, this will check the fingerprint of the server and will ask you to add the host to knowhost file:

The authenticity of host ‘ip-of-the-server’ cannot be established.
DSA key fingerprint is 01:23:45:67:89:ab:cd:ef:ff:fe:dc:ba:98:76:54:32:10.
Are you sure you want to continue connecting (yes/no)?

This command will start a session that will ask you for the password. You have to add your public key on the server t be able to connect to the server to avoid asking for the password each time.

To add your public key you have to run this command one time:

ssh-copy-id root@ip-of-the-server

Now, you can run all SSH commands like scp, rsync, sftp and ssh without asking for the password.