Working on a Remote Computer

The daemon that enables you to work securely on a remote computer is ssh (secure shell). This daemon has built in security, encryption, and authentication that makes it the ideal replacement not only for telnet but also for ftp, rsh, rlogin, and rexec. In fact the first thing that you will want to do after installing ssh is to go into your /etc/inetd.conf file and add # to the front of the lines that reference the above services to comment out (ie. disable) those services so that all future access to remote systems will need to use the far more secure daemon - ssh.

The first time that you access a particular remote system using ssh you will be advised Host key not found from the list of known hosts. Are you sure you want to continue connecting (yes/no)? You need to answer yes to connect to the new remote computer and encrypted keys will then be exchanged between your computer and the remote computer so that they can identify one another in the future. This authenticates your future connections to the remote system because you can be sure that the computer is the same one as you have accessed before as well as providing public key encryption of all data passing between the two computers.\ This key information is stored in the ~/.ssh/known_hosts file.

Usually when you use ssh to logon to a remote computer, you are logged on using the same user name as you used to logon the your own computer but you can override this using the -l flag to specify the user name that you want to connect as. In either case you will then be asked to enter your password for the remote system. If you access lots of different remote systems then you can avoid this constantly being asked for passwords for different systems by using the -keygen flag to generate a passkey that can be entered once (via the -add flag) when you first log onto your local system and which will handle passing the appropriate passwords (which can only be decrypted using the correct pass key) to each of the remote systems. Another useful flag is -c which will turn on compression for the data being passed between the two computers.

ssh can be used as a direct replacement for rsh to execute commands on the remote system. For example to get a listing of the contents of the /bin directory you can use ssh remotehost ls /bin

ssh can also be used as a command line replacement for ftp. To send a single file from your system to the remote system use
ssh remotehost 'cat > remotefile' < localfile
and to retrieve a single file use
ssh remotefile 'cat remotefile' > localfile
You can also copy entire directories between systems for example to copy an entire directory from the remote system to your current directory on your system use
ssh remotehost 'cd /remotedirectory && tar cf - .' | tar xf -
and to go the other way use
tar cf - . | ssh remotehost 'cd /remotedirectory && tar xf -'
You may want to look up information on the tar command to help you figure out how these transmissions actually work.

Provided that you have everything set up properly, you can use ssh to perform from your local computer anything that you are authorised to perform on the remote computer including anything that you would not normally have access to from your local computer.

This is only a very brief introduction to the ssh daemon which is capable of doing a lot more than the couple of things that I have introduced you to here. The best place to start once you have ssh installed on your computer is to take a look at the man pages for the ssh command which should give you a description of all of the available flags and parameters that you can use with the command. There are even implementations of ssh available that will run on windows that you can use to gain remote access to your linux computer.


This article written by Stephen Chapman, Felgall Pty Ltd.

go to top

FaceBook Follow
Twitter Follow