Join Scott Simpson for an in-depth discussion in this video What is SSH?, part of Understanding SSH.
- SSH, or Secure SHell, is a protocol for connecting from one computer to another, usually in order to use the Command-line interface, or Command Shell on a remote system. It's very widely for system administration such as software update, configuration management, and deployment on Linux and Mac OS X machines. Using SSH is, in many ways, just like sitting in front of a terminal window on the screen of the remote server. But instead of being in a data center or crouched next to a server with a keyboard balanced on your knee, you can connect to an SSH session from your couch, a coffee shop, your desk, or even your smartphone or tablet computer.
It's pretty handy to have a SHell window open for troubleshooting while you're working on a web app or consulting documentation about a process you're following on a remote server. There are SSH Clients, the software you use to set up a connection to an SSH server, available for all the major computer operating systems and tablet operating systems. Mac OS X and Linux have the SSH application built-in, accessible through the terminal and Windows has a few options available. I'll show a popular one called PuTTY in this course.
And there are Android and iOS applications for connecting to SSH servers as well for busy system administrators on the go. But for all the convenience that SSH provides you, there is one important difference, SSH is a service that starts up after a large part of the remote system comes online after booting up. So if something happens to your server during that bootup process to prevent SSH from starting, or if, for some reason, it can't connect to the network, SSH isn't going to be a lot of help.
Keep in mind, you can change settings while using SSH that can prevent you from being able to log back in. If you shut down a network interface, commit incorrect network settings, block the service with a firewall, or shut down the SSH service, you risk cutting off your own access. If this happens, you might find yourself trekking through the data center to fix the issue or using another means of remote access, such as a web console on a cloud provider's website, or a local console window on the Virtual Machine.
And of course, local and remote network conditions can cause access problems. If a computer allows remote access, there needs to be a way to control who can login and work on the system. With SSH, access is controlled either through the use of username and password set up by an administrator on the remote server, or a cryptographic key pair generated by the user and shared with the server. Key-based access is the more secure option, and as such it's increasingly common.
It's also the preferred way of accessing Linux servers on many popular cloud services, such as Amazon Web Services and Microsoft Azure. SSH encrypts the connection between a client and the server so commands and information sent back and forth are more secure than with other types of remote access protocols, such as FTP or Telnet. Usually, SSH runs on TCP port 22, but that can be changed to a different TCP port in the server configuration and mostly that's it.
Of course, there are many command line options you can specify to make particular changes to how SSH works, but those options are beyond the scope of this introductory course. Let's take a look at a few messages that can show up when working with SSH. A fairly common error that you'll come across is an incorrect password. On Mac OS X and Linux, you'll usually get three tries until the system ends your session. At that point, you'll get a summary of the ways that you're allowed to connect.
In my case here, it shows key and password. On the PuTTY software we'll see in a little bit, you'll get two attempts. If your session is ended from the remote side, perhaps because an administrator has disconnected you, you'll see Connection closed by remote host. If the remote server shuts down in response to a command sent by you or someone else, you'll see a message about the system going down.
And if something happens to the connection, you may see "Broken pipe." This means that the SSH software can't vouch for the security of the connection anymore and you've been disconnected. This can happen if the network connection goes away or your IP address changes. It's pretty common when putting a laptop computer to sleep with an SSH connection still going and waking the computer up again some time later, especially on a different network. While this course is intended as a basic introduction to using SSH, I encourage you to check out all of the options available by typing "man ssh" into a Linux or Mac OS X terminal.