Grogan
08-10-2005, 01:13 AM
This is a continuation of the tutorial, for Linux users. You may see Using SSH Protocols to Work with Servers Part 1 - Windows Users for additional background info.
The usage of traditional services, like telnet and ftp, to work on or transfer content to servers should be avoided. The reason is that these services use plain text, and passwords and data can be stolen by miscreants using IP sniffing techniques. Instead, encrypted SSH protocols should be used for command line administration, and for transferring files.
We can use the command line utilities in the OpenSSH suite (ssh client for secure shell access, and sftp client for file transfers) and we can also use the GUI program, gFTP for secure file transfers.
Linux (or BSD) distributions should include all the tools you will need. They are probably even installed by default. However, if you do need to compile these programs (i.e. your distributor doesn't provide them) you can go to the official Web sites and grab the sources.
OpenSSH
http://www.openssh.com/
http://www.openssh.com/portable.html
gFTP
http://gftp.seul.org/
To connect to a shell account on a Unix server, open your favourite terminal (xterm, konsole, rxvt, eterm etc.) and type:
ssh -l username (ip address or hostname)
For example:
ssh -l grogan 192.168.0.2
or
ssh -l grogan servername.com
You are supplying the username in the command, but it will prompt for your password.
http://www.bitbenderforums.com/~grogan/sshhowto/01_sshlinux.gif
If connecting to the server for the first time with SSH, you will be prompted to accept the server's key. Type yes and hit return. It is not until you do that, that you are prompted for the password.
After you log on with your password, you will have the use of your shell on the remote system. It will be very much like working in a command console on your own machine.
This is just a Slackware box set up as a server on my local network, but it would be just the same for a remote server, except that you'd probably use the server's hostname or domain name instead of the IP address to connect. I could also use the hostname "nicetry" for that computer, as long as I have an entry in /etc/hosts for it. (There's no DNS).
http://www.bitbenderforums.com/~grogan/sshhowto/02_sshlinux.gif
After you are finished doing what you set out to do, type logout to terminate the session.
If you need to learn more about working at the command line, an excellent tutorial is Linux: Rute User's Tutorial and Exposition (rute.2038bug.com)
For securely transferring files, the OpenSSH suite includes a very nice command line sftp client. To invoke it, type:
sftp username@address
or, for example:
sftp grogan@192.168.0.2
The address can be an IP address, or a hostname. It looks like an email address but it isn't, necessarily.
Before invoking the program, the easiest thing to do is to change into the directory you wish to work from. If you don't that's OK too, because you can still change the local working directory after you log on.
http://www.bitbenderforums.com/~grogan/sshhowto/03_sshlinux.gif
I cd into /home/grogan/sshhowto
I type the command to log with sftp and enter the password when prompted.
Once connected, commands like "ls" and "cd" operate on the remote server. If you wish to list or change directories on your local computer, use "lls" and "lcd" respectively. Most of those commands have a local equivalent... simply prefix them with the letter l. For example, to make a directory on the local machine type "lmkdir" instead of mkdir.
To transfer a file to the remote server, you use the put command. This program gives you full use of wildcards... it will operate on whatever files match. This concerns the "put" and "get" commands, as well as the "rm" command for deleting files. Be careful, wildcards are powerful.
For example, I want to transfer all the jpg images from sshhowto on the local computer, to sshhowto on the remote server. As you can see in the above screenshot, "put *.jpg" transfers all the jpg images in one command.
Unfortunately, this program will not transfer entire directories, so you must create directories if not already present, and transfer files into them.
While I'm connected, I also want to change to another directory on the local computer and upload a small ISO image to the remote system.
http://www.bitbenderforums.com/~grogan/sshhowto/04_sshlinux.gif
First I want to see where I am, so I issue the "pwd" and "lpwd" commands, and do directory listings on both the local machine and remote. Once the file transfer is started with the "put" command, progress is displayed, unlike some old fashioned command line ftp programs.
While I'm here, I also need to grab something from my fileserver.
http://www.bitbenderforums.com/~grogan/sshhowto/05_sshlinux.gif
I first change to the desired directory on the remote computer using the cd command, and do a directory listing to see my file.
I want to put the file in my home directory on the local computer, so I use the "lcd" command to change to /home/grogan.
I then use the get command, to download my firefox tarball.
When finished, type bye to terminate the session.
To see a more complete list of commands and options for working with the sftp program, type man sftp on your system. If you don't have the man page installed, type man sftp into Google (www.google.com/search?hl=en&q=man+sftp&btnG=Google+Search&meta=) and you will find the man page online :-)
The usage of traditional services, like telnet and ftp, to work on or transfer content to servers should be avoided. The reason is that these services use plain text, and passwords and data can be stolen by miscreants using IP sniffing techniques. Instead, encrypted SSH protocols should be used for command line administration, and for transferring files.
We can use the command line utilities in the OpenSSH suite (ssh client for secure shell access, and sftp client for file transfers) and we can also use the GUI program, gFTP for secure file transfers.
Linux (or BSD) distributions should include all the tools you will need. They are probably even installed by default. However, if you do need to compile these programs (i.e. your distributor doesn't provide them) you can go to the official Web sites and grab the sources.
OpenSSH
http://www.openssh.com/
http://www.openssh.com/portable.html
gFTP
http://gftp.seul.org/
To connect to a shell account on a Unix server, open your favourite terminal (xterm, konsole, rxvt, eterm etc.) and type:
ssh -l username (ip address or hostname)
For example:
ssh -l grogan 192.168.0.2
or
ssh -l grogan servername.com
You are supplying the username in the command, but it will prompt for your password.
http://www.bitbenderforums.com/~grogan/sshhowto/01_sshlinux.gif
If connecting to the server for the first time with SSH, you will be prompted to accept the server's key. Type yes and hit return. It is not until you do that, that you are prompted for the password.
After you log on with your password, you will have the use of your shell on the remote system. It will be very much like working in a command console on your own machine.
This is just a Slackware box set up as a server on my local network, but it would be just the same for a remote server, except that you'd probably use the server's hostname or domain name instead of the IP address to connect. I could also use the hostname "nicetry" for that computer, as long as I have an entry in /etc/hosts for it. (There's no DNS).
http://www.bitbenderforums.com/~grogan/sshhowto/02_sshlinux.gif
After you are finished doing what you set out to do, type logout to terminate the session.
If you need to learn more about working at the command line, an excellent tutorial is Linux: Rute User's Tutorial and Exposition (rute.2038bug.com)
For securely transferring files, the OpenSSH suite includes a very nice command line sftp client. To invoke it, type:
sftp username@address
or, for example:
sftp grogan@192.168.0.2
The address can be an IP address, or a hostname. It looks like an email address but it isn't, necessarily.
Before invoking the program, the easiest thing to do is to change into the directory you wish to work from. If you don't that's OK too, because you can still change the local working directory after you log on.
http://www.bitbenderforums.com/~grogan/sshhowto/03_sshlinux.gif
I cd into /home/grogan/sshhowto
I type the command to log with sftp and enter the password when prompted.
Once connected, commands like "ls" and "cd" operate on the remote server. If you wish to list or change directories on your local computer, use "lls" and "lcd" respectively. Most of those commands have a local equivalent... simply prefix them with the letter l. For example, to make a directory on the local machine type "lmkdir" instead of mkdir.
To transfer a file to the remote server, you use the put command. This program gives you full use of wildcards... it will operate on whatever files match. This concerns the "put" and "get" commands, as well as the "rm" command for deleting files. Be careful, wildcards are powerful.
For example, I want to transfer all the jpg images from sshhowto on the local computer, to sshhowto on the remote server. As you can see in the above screenshot, "put *.jpg" transfers all the jpg images in one command.
Unfortunately, this program will not transfer entire directories, so you must create directories if not already present, and transfer files into them.
While I'm connected, I also want to change to another directory on the local computer and upload a small ISO image to the remote system.
http://www.bitbenderforums.com/~grogan/sshhowto/04_sshlinux.gif
First I want to see where I am, so I issue the "pwd" and "lpwd" commands, and do directory listings on both the local machine and remote. Once the file transfer is started with the "put" command, progress is displayed, unlike some old fashioned command line ftp programs.
While I'm here, I also need to grab something from my fileserver.
http://www.bitbenderforums.com/~grogan/sshhowto/05_sshlinux.gif
I first change to the desired directory on the remote computer using the cd command, and do a directory listing to see my file.
I want to put the file in my home directory on the local computer, so I use the "lcd" command to change to /home/grogan.
I then use the get command, to download my firefox tarball.
When finished, type bye to terminate the session.
To see a more complete list of commands and options for working with the sftp program, type man sftp on your system. If you don't have the man page installed, type man sftp into Google (www.google.com/search?hl=en&q=man+sftp&btnG=Google+Search&meta=) and you will find the man page online :-)