FreeKB - SSH ssh command (connect to an ssh server)
SSH - ssh command (connect to an ssh server)

The ssh command is used to connect to an ssh server. The syntax of the ssh command is ssh user@hostname. Replace user with a user on the SSH server. Replace hostname with the hostname or IP address of the SSH server.

In this example, an ssh connection is made to the "server1.example.com" SSH server as John Doe.

ssh john.doe@server1.example.com

 

The -v (verbose) flag can be used to see the authentication methods that the SSH server accepts.

ssh john.doe@server1.example.com -v

 

Something like this should be returned.

debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password

 


Known hosts

Regardless if you are using a password or a public / private key pair for authentication, if the public certificate of the SSH server (server1 in this example) is not listed in the /etc/ssh/ssh_known_hosts or /home/username/.ssh/known_hosts file on the client, a prompt will appear stating The authenticity of host 'hostname (ip address)' can't be established. Entering "yes" will add the SSH to the client's known hosts. Refer to Understanding Known Hosts for a better understand of what known hosts are.

~]# ssh john.doe@server1.example.com
The authenticity of host 'server1 (192.168.0.5)' can't be established
DSA key fingerprint is BB37 83F2 5E3A 7A4C 6C84  F047 D97B DD4E 38BB 2082
Are you sure you want to continue connecting (yes/no)?

 


Password authentication

If the SSH server is configured to use password authentication, there will be a prompt to enter the password.

~]# ssh john.doe@server1.example.com
john.doe@server1 password: 

 

After entering the password, you will be connected to the SSH server. Once connected, the hostname command can be used to verify that you are connected to the SSH server. The hostname of the SSH server should be displayed (server1 in this example).

~]# hostname
server1

 

As long as the password entered is valid, the connection should be successful, and the last login date and time should be displayed. Also included will be the hostname of the host machine (server1.example.com in this example). 

Last login: Thu Jan 26 13:05:01 2017 from server1.example.com

 


Public / private key pair authenticaiton

Instead of authenticating with a password, you can instead authenticate with a public certificate and private key. Refer to public key authentication with OpenSSH on Linux

If you do not specify the private key that should be used, by default, SSH will attempt certain default private keys. The ssh command with the -v (verbose) option will display the default private keys. ssh-keygen can be used to create the private key.

~]# ssh -v john.doe@server1.example.com
. . .
debug1: Trying private key: .ssh/id_rsa
debug1: Trying private key: .ssh/id_dsa
debug1: Trying private key: .ssh/id_ecdsa
debug1: Trying private key:.ssh/id_ed25519

 


sudo

If you will be using sudo, you may get this lovely response.

Sorry, you must have a tty to run sudo 

 

The fix for this is usually real easily, which is simply to use the -t option to create a psuedo-tty on the target server. Refer to this article to learn about TTY.

sudo -t john.doe@server1.example.com sudo command

 



Add a Comment




We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.




Please enter cb63e in the box below so that we can be sure you are a human.




Comments

Web design by yours truely - me, myself, and I   |   jeremy.canfield@freekb.net   |