Guide to Unix/Explanations/Connecting to Remote Unix

From Wikibooks, open books for an open world
Jump to navigation Jump to search

If the shell prompt is on a remote server, ssh is the most common way to access it. The server must be running the sshd server software to accept your connection. The SSH protocol encrypts your connecting to prevent spying and stealing of passwords. All that is required is that you trust the computer that you connect from and the server where your account is located.

To connect, open your SSH client, specify the name of the server and your username. Most servers use the default port 22, so specifying the port is not necessary. (Be careful with ports 1024 and higher because these are controlled by users, not the system administrator.)

Using SSH from a Shell Prompt[edit | edit source]

To connect to one Unix-like system from another, you can the ssh shell command. This command is often OpenSSH, a popular SSH implementation from OpenBSD. For example, Tux wants to connect to an account (username tux) on the computer "linux.example.edu":

$ ssh tux@linux.example.edu
tux@linux.example.edu's password:

If Tux has the same username on the local computer, then specifying the username is optional:

$ whoami
tux
$ ssh linux.example.edu
tux@linux.example.edu's password:

Accepting the Key Fingerprint[edit | edit source]

The first time you connected, you saw a message similar to the following:

The authenticity of host 'linux.example.edu (1.2.3.4)' can't be established.
RSA key fingerprint is a4:3d:fe:10:7e:45:2b:29:d0:fe:ed:ba:a3:21:66:a1.
Are you sure you want to continue connecting (yes/no)?

If you are reasonably sure that you connected to the correct computer (an attacker on the Internet might steal your connection to learn passwords) then you can answer 'yes' and add linux.example.edu to the list of known hosts. Some SSH clients also allow you to say 'yes' to one session only.

When you say 'yes', you get a message such as: Warning: Permanently added 'linux.example.edu,1.2.3.4' (RSA) to the list of known hosts.

This means that your SSH client "knows" linux.example.edu. It will verify that future connections to "linux.example.edu" reach the same computer (or cluster). You will be alerted if an attacker steals your connection, but also if linux.example.edu changes its key. Thus, if you know that linux.example.edu changed its key and you recognize the key, then you can ignore the alert.


graphical connections[edit | edit source]

Most tasks on a Unix machine can be done in text mode, from the shell prompt.

However, once the text-mode ssh connection is working, many people feel more comfortable switching to a graphical interface.

A typical setup has a VNC viewer on the local end and a X11/VNC server on the remote end, and a ssh tunnel. (Any VNC viewer -- including ssvnc, sshvnc, or a Java-enabled web browser -- will work with any VNC server). The ssh software grabs all information that would normally flow through the VNC ports (ports 5900 through 5906 and ports 5800 through 5806) and funnels them through the ssh tunnel (by default, port 22).


further reading[edit | edit source]