SSH - Connect to an SSH server using the ssh command

The ssh command is used to connect to an ssh server. The syntax of the ssh command is ssh user@hostname. Replace user with a user on the SSH server. Replace hostname with the hostname or IP address of the SSH server.

In this example, an ssh connection is made to the "" SSH server as John Doe.



The -v (verbose) flag can be used to see the authentication methods that the SSH server accepts.

ssh -v


Something like this should be returned.

debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password


Known hosts

Regardless if you are using a password or a public / private key pair for authentication, if the public certificate of the SSH server (server1 in this example) is not listed in the /etc/ssh/ssh_known_hosts or /home/username/.ssh/known_hosts file on the client, a prompt will appear stating The authenticity of host 'hostname (ip address)' can't be established. Entering "yes" will add the SSH to the client's known hosts. Refer to Understanding Known Hosts for a better understand of what known hosts are.

~]# ssh
The authenticity of host 'server1 (' can't be established
DSA key fingerprint is BB37 83F2 5E3A 7A4C 6C84  F047 D97B DD4E 38BB 2082
Are you sure you want to continue connecting (yes/no)?


Password authentication

If the SSH server is configured to use password authentication, there will be a prompt to enter the password.

~]# ssh
john.doe@server1 password: 


For example, if the SSH server is using OpenSSH, the OpenSSH configuration file, which is typically located at /etc/ssh/sshd_config would have the following directive.

PasswordAuthentication yes


After entering the password, you will be connected to the SSH server. Once connected, the hostname command can be used to verify that you are connected to the SSH server. The hostname of the SSH server should be displayed (server1 in this example).

~]# hostname


As long as the password entered is valid, the connection should be successful, and the last login date and time should be displayed. Also included will be the hostname of the host machine ( in this example). 

Last login: Thu Jan 26 13:05:01 2017 from


Public / private key pair authenticaiton

Instead of authenticating with a password, you can instead authenticate with a public certificate and private key. Refer to public key authentication with OpenSSH on Linux

If you do not specify the private key that should be used, by default, SSH will attempt certain default private keys. The ssh command with the -v (verbose) option will display the default private keys. ssh-keygen can be used to create the private key.

~]# ssh -v
. . .
debug1: Trying private key: .ssh/id_rsa
debug1: Trying private key: .ssh/id_dsa
debug1: Trying private key: .ssh/id_ecdsa
debug1: Trying private key:.ssh/id_ed25519



If you will be using sudo, you may get this lovely response.

Sorry, you must have a tty to run sudo 


The fix for this is usually real easily, which is simply to use the -t option to create a psuedo-tty on the target server. Refer to this article to learn about TTY.

sudo -t sudo command


Add a Comment

We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.

Please enter b4689 in the box below so that we can be sure you are a human.


Web design by yours truely - me, myself, and I   |   |