Connecting to other computers over a network always means a certain amount of risk. In order to keep your connection is secure as possible, a number of techniques have been developed to keep what you’re doing private. One of the most popular is SSH. SSH stands for secure shell, and it’s a way of encrypting the connection between your computer and a remote computer, so that anything that sent over the network is delivered as garbled code that only your local machine and the remote computer you have authenticated with can understand. If you want to learn more about data security, a course like this one is a great place to start.
In a nutshell, SSH creates a secure channel between your local computer and a remote computer by running encryption and decryption software on both machines, and using a shared key that validates the source of communication on both ends. This allows each computer to send and receive encrypted messages while still understanding each other, even though anybody else listening over the network wouldn’t be able to understand the content of messages.
To use SSH, both computers need to have software installed that is capable of interpreting the keys and encrypting and decrypting the content while sending it over the network.
If you’re using a Linux or Mac computer computer, you probably already have SSH installed. One way to check is to go to the terminal, and use the WHICH command:
This should show you the path to your installed SSH binary. If you don’t get a response from this command, that means SSH is not currently installed. On a Windows machine, a comparable command would be:
SSH software is available for free for Windows, and there are a couple of popular installation packages. Two that you might want to consider are Cygwin and PuTTY. You can download and install either of these just the way you install any Windows software, and when you’re done you should be able to use the SSH command from the command line.
Connecting to Another Computer via SSH
SSH needs to be installed and running on both computers in order for them to communicate over the network. Most likely, if you’re connecting to a remote machine somebody else has set up, they have already installed SSH, and all you need to do is set your local computer up so that they can communicate properly.
To connect over SSH with basic password authentication, you just issue the SSH command at the command line, specifying your user account on the remote machine, followed by an @, and then the IP address or domain of the remote host. This is all the information SSH needs in order to go out to the network, find the remote host you want communicate with, tell it who you are, and establish the basis for a secure connection.
If this is the first time you’re connecting to this particular host, the SSH command will ask you if you want to permanently add that remote host to your list of known hosts. This is a convenience of SSH, in that it keeps track of all of the hosts you have authenticated with in the past. You will only be asked this the first time you connect to any specific host.
Next you will be asked for your password, as if you were logging into your account. It’s generally safer to set up a local keyfile that you can upload to your remote SSH host to authenticate you every time you login without having to enter your password every time. There are other posts on the blog were you can learn about SSH keys, but for now we’ll just use password authentication.
Once you have entered your password, you should see a command prompt that reflects your account on the remote machine. Right now, all of the commands you type should run as if you had logged in directly to the remote machine, instead of logging into your local machine. You can change directories, list files, etc.
Regardless of whether you’re using Windows, Mac, or Linux locally, the commands you issue from inside of an SSH process should be the ones that are appropriate for the operating system on the remote host. There are some great courses on how to use the Linux command line. If you’re using a Mac, you might prefer a course like this one on how to use the OSX command line. In order to find out what directory you’re in, you can use the PWD command, which will tell you the path to the directory you’re in on the remote machine.
Once you know where you are in the file structure, you can use the cd command to change directories. For example, you could CD to the home directory and the “username” directory with the following command
On Windows machines, listing files is done with the dir command. To list files on the Linux or Mac machines, use the LS command.
Once you have a list of remote files, you can do anything that you would normally do with those files locally, just as if you had logged in directly to this remote machine. SSH creates a session for you that behaves as if that machine were sitting right in front of you, so you can edit files, copy files, move files around, or do anything else you would do from the command line locally.
Copying Files on the Remote Computer
For example, imagine you had a file on the remote machine called sample.txt. If you wanted to create a copy of this file, and call it copy.txt, you would use the following command:
cp sample.txt copy.txt
This would create a copy of sample.txt file on the remote machine and put it in the same directory with the name copy.txt.
Copying Files to the Remote Computer
The real magic of SSH comes when you need to create interactions between your local computer and the files on the remote host. Once you have an SSH session started, you can use the SCP command to access and copy files between your local computer and the remote computer.
To use SCP, you issue the SCP command, followed by the path to the file you want to copy, and then the path where you want to put it. SCP works just like CP, except that it creates a connection across an SSH tunnel allowing files to be moved from the remote host to the local host or vice-versa securely.
To copy your remote sample.txt file to the local directory where you started your SSH session, all you need to do is type SCP followed by your user account, an @, and the host name of the remote computer, then a colon, then the full path to the file you want to copy from the remote host:
In this case you don’t need to specify local path, because SCP knows to copy the file to the local path where you initiated your SSH session.
If you want to copy a local file to the remote computer over SSH, you do the same in reverse, specifying where you want the files to show up on the remote host:
scp something.txt firstname.lastname@example.org:/home/username/
Getting comfortable with how SSH works can help keep your sessions secure while allowing you to work remotely over the network. If you’re ready to get started, there are some great courses online that can help you move beyond the basics and learn advanced security techniques.