Using SSH for Remote Logins

Secure Shell is a program to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another. It provides strong authentication and secure communications over unsecure channels. It is intended as a replacement for telnet, rlogin, rsh, and rcp. For SSH2, there is a replacement for FTP: sftp.
Installing ssh2
# gzip -dc ssh-2.2.0.tar.gz | tar -xvf – or  tar –xzvf  ssh-2.2.0.tar.gz
# cd ssh-2.2.0
# ./configure
# make
# make install
Installing OpenSSH
Wget http://ftp.bit.nl/mirror/openssh/ openssh-4.2p1.tar.gz
Tar –xzvf  openssh-4.2p1.tar.gz
Installation files
#find / -name  .ssh
/root/.ssh
cd /root/.ssh/
]# ls
authorized_keys  known_hosts
#ssh -version
OpenSSH_4.2p1, OpenSSL 0.9.7f 22 Mar 2005
#find / -name ssh
/etc/ssh
/usr/bin/ssh       (/usr/bin/sftp)
# cd /etc/ssh
moduli            ssh_host_dsa_key.pub  ssh_host_rsa_key
ssh_config        ssh_host_key          ssh_host_rsa_key.pub
ssh_host_dsa_key  ssh_host_key.pub      sshd_config
Run ssh1
To use ssh1 to login to a computer with the same username:
$ ssh remote.example.org
To use ssh1 to login to a computer with a different username:
$ ssh -l username remote.example.org
To use ssh1 to securely send a command to a remote system:
$ ssh remote.example.org command
Run scp1
To use scp1 to copy a file to a remote system:
$ scp localdir/to/filelocation user@host:/dir/for/file
To use scp1 to copy a remote file to the local system:
$ scp user@host:/dir/for/file localdir/to/filelocation
To keep the file attributes of the source file from the source host, use -p:
$ scp -p user@host:/dir/for/file localdir/to/filelocation
Run ssh2
$ ssh2 remote.example.org
To use ssh2 to login to a computer with a different username:
$ ssh2 -l username remote.example.org
To use ssh2 to securely send a command to a remote system:
$ ssh2 remote.example.org command
Run scp2
To use scp2 to copy a file to a remote system:
$ scp2 localdir/to/filelocation user@host:/dir/for/file
To use scp2 to copy a remote file to the local system:
$ scp2 user@host:/dir/for/file localdir/to/filelocation
To keep the file attributes of the source file from the source host, use -p:
$ scp2 -p user@host:/dir/for/file localdir/to/filelocation
Run Sftp2
$ sftp2  remoteserver  user
$sftp user@remoteserver
Generating keys
Synopsis
ssh-keygen [-b bits] [-f file] [-N new_passphrase] [-C comment]
ssh-keygen -p [-P old_passphrase] [-N new_passphrase]
ssh-keygen -c [-P passphrase] [-C comment]
ssh-keygen -u [-f file] [-P passphrase]
Options
-b bits  Specifies the number of bits in the key to create. Minimum is 512 bits.  Generally 1024 bits is consid­ ered sufficient, and key sizes above that no   longer improve security but make things slower. The default is 1024 bits.
-c   Requests changing the comment in the private and public key files. The program   will prompt for the file containing the private keys, for passphrase if the   key has one, and for the new comment.
-f   Specifies the file name in which to load/store the key.
-p   Requests changing the passphrase of a private key file instead of creating a   new private key. The program will prompt for the file containing the private   key, for the old passphrase, and twice for the new passphrase.
-u   Requests that the key’s cipher is changed to the current default cipher  (determined at compile-time currently 3DES).

-C   Provides the new comment.
-N   Provides the new passphrase.
-P   Provides the (old) passphrase.
(For ssh1- To generate public/private keypair for SSH1: ssh-keygen. This will generate
~/.ssh/identity and ~/.ssh/identity.pub.)
For SSH2, use ssh-keygen -t {rsa,dsa} (you choose between rsa keys or dsa
keys, currently I use DSA), which will generate ~/.ssh/id_{dsa,rsa} and
~/.ssh/id_{dsa,rsa}.pub.
#ssh-keygen -t dsa -f newkey (user@domain.com)
Generating public/private dsa key pair.
Enter file in which to save the key (/home/dave/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/dave/.ssh/id_dsa.
Your public key has been saved in /home/dave/.ssh/id_dsa.pub.
The key fingerprint is:
7b:ab:75:32:9e:b6:6c:4b:29:dc:2a:2b:8c:2f:4e:37 user@host
The file id_dsa contains your version 2 private key.
The file id_dsa.pub contains your version 2 public key, which can be added to other system’s authorized keys file.
Copy this to client systems and give permissions
scp identity.pub user@remotehost:./identity.pub
# mkdir .ssh
# chmod 700 .ssh
#cd .ssh
#touch authorized_keys
#chmod 600 authorized_keys
#cat ../identity.pub >> authorized_keys
#rm ../identity.pub

Version 2
#cd .ssh
#touch authorized_keys2
#chmod 600 authorized_keys2
#cat ../id_dsa.pub >> authorized_keys2
#rm ../id_dsa.pub

Logging to the server with key
ssh -1 -v user@host
ssh -2 -v user@host

Putty and  winscp (client side)
Down load and install PUTTY.EXE, PUTTYGEN.EXE, PSFTP.EXE, winscp382.exe

SSH for other applications
Creating for Backup
# tar cvf – | ssh user@host “dd of=/dev/tape”

Running on another port
$ ssh -p 443 remotehost.example.org

Using rsync with ssh
rsync -avz -e “ssh -i /RSA/DSAkeyfile location” remoteuser@remotehost:/remote_dir  /local_dir

Rsync installation
install rsync or check /usr/bin/rsync
service rsync status to check it is started or
service rsync start
put it for initscript
chkconfig rsync on

Usage:  rsync -avz -e remoteuser@remotehost:/remote_dir  /local_dir
Logging to pop account
$ ssh -L 1234:popserver.example.com:110 ssh-server
Execute commands from remote hosts
Get name of the host: ssh -i /home/sajith/tes/keypair usr@host.domain.com “hostname”
Get swap_usage : ssh -i /home/adminsaj/tes/keypair usr@host.domain.com “free -m”
Get disk use : ssh -i /home/adminsaj/tes/keypair usr@host.domain.com “df -h”
Get memory : ssh -i /home/adminsaj/tes/keypair usr@host.domain.com “vmstat”
System uptime and cpu usage : ssh -i /home/adminsaj/tes/keypair usr@host.domain.com “processor_info” or uptime or mpstat

Advertisements

Posted on December 13, 2013, in LInux Based. Bookmark the permalink. Leave a comment.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: