All About SSH for Linux Dedicated Servers

Secure SHell SSHSSH is an acronym for SecureSHell. It was essentially developed to provide security when accessing another computer/server remotely. Older telnet programs allowed everything sent or received to be visible, so outsiders could literally “sniff” that connection in-between (using programs like Wireshark) to see your email, commands, username and password. SSH encrypts sessions, plus provides improved authentication facilities. Some of its features include X session forwarding, secure file transfer and port forwarding.

SSH can use more than one form of encryption, from 512 bits and up

SSH includes ciphers like Triple DES, AES, CAST128 or Blowfish. By encrypting the data, it changes it so that unless outsiders have the key, it’s hard to crack the code.

When connecting to a remote machine, run ‘SSH hostname’ on your local computer, where that hostname is the hostname of the remote computer you’re connecting with. Host validation is one of SSH’s major features as it can help you detect DNS spoofing. If your host key verification fails, this should raise some red flags. Some items to consider would be:

  • Has the server been upgraded?
  • Are using a dynamic IP address on your home computer?

Passphrases

When setting up passphrases, use characters mixed with punctuation and numbers, making it harder to guess. An eight-character password has 5.25 times less combinations than a five-word passphrase. Just don’t use any famous phrases or quotes as these can be uncovered by a brute force program.

Private and public keys

When generating a key, SSH actually generates two keys, a public key and a private key. The private key should always remain on your local computer. The public key should always stay on the server you want to connect to. The public key cannot be used to derive your private key, making it a secure connection. Your local SSH process asks for your passphrase, not the remote server. If you’re using an SSH agent program, this will eliminate the need to enter the passphrase, as that will be done automatically once it’s set up.

Running Commands Over SSH and exiting

If you simply want to run a command and exit, then put the command you wish to run at the end of your SSH connection command.

SCP

If you want to securely transfer files from your local computer to a server (remote host), or vice versa, you can use a program like SCP that uses the SSH protocol.

What if your SSH session dies of inactivity?

SSH sessions can die after so many minutes of inactivity, sometimes because of a firewall configuration between you and the Internet that was designed to only keep stateful connections in memory for specific lengths of time. Fortunately, there are workarounds like using a TCPKeepAlive directive.

How to end you SSH session

You can end your SSH session typing entering exit, logout or simply pressing Ctrl-d. These usually exit the shell, logging you off. However, if you lose connectivity and have no way of ending your shell session, simply type return twice and then the tilde followed by a period. This should terminate the connection from the local side rather than from the server.

ProlimeHost

BROUGHT TO YOU BY PROLIMEHOST

We’ve been in the web hosting industry for over a decade, helping hundreds of clients succeed in what they do best and that’s running their business. We specialize in Virtual Private Servers (VPS) and dedicated servers, with data centers in Los Angeles, Denver & Singapore.

VPS SERVICES: LIGHTNING FAST SSD VIRTUAL SERVERS

Our Virtual Private Servers all feature high performance Xeon processors and SSD storage in a RAID10 configuration to optimize your server’s performance, which dramatically enhances visitor experiences on your site.

That speed is backed by unparalleled 24/7 support, featuring both outstanding response AND resolution times to maximize your uptime.

Now is the time to join the ProlimeHost virtual private server revolution.

DEDICATED SERVERS: BACKED BY A 99.9% SLA NETWORK UPTIME GUARANTEE

We only use enterprise-class hardware in our dedicated servers [1] and offer a four (4) hour hardware replacement. Throw in IPMI for remote management, support for public and private networks, free operating system (OS) re-installs, and SATA, SAS & SSD (including NVMe) storage. Call 1-877-477-9454 or contact us [2]. For everything from gaming servers to cheap dedicated servers, we’re here to help.

Steve
Latest posts by Steve (see all)

Leave a Reply