What is SSH and why do I need to use it?

SSH(Secure Shell) is a network protocol that allows secure access over an encrypted connection.

Through an SSH connection, you can easily manage your files and folders, modify their permissions, edit files directly on the server, configure and install your scripts, etc. SSH is what you will be using if you host your nodes on a cloud hosting provider like AWS, Google Cloud , Digital Ocean. You can read more about hosting providers here.

How Does SSH Work?
In order to establish an SSH connection, you need two components: a client and the corresponding server-side component. An SSH client is an application you install on the computer which you will use to connect to another computer or a server. The client uses the provided remote host information to initiate the connection and if the credentials are verified, establishes the encrypted connection.

On the server’s side, there is a component called an SSH daemon that is constantly listening to a specific TCP/IP port for possible client connection requests. Once a client initiates a connection, the SSH daemon will respond with the software and the protocol versions it supports and the two will exchange their identification data. If the provided credentials are correct, SSH creates a new session for the appropriate environment.

How do I Enable an SSH Connection?
Since creating an SSH connection requires both a client and a server component, you need to make sure they are installed on the local and the remote machine, respectively. An open source SSH tool—widely used for Linux distributions— is OpenSSH. Installing OpenSSH is relatively easy. It requires access to the terminal on the server and the computer that you use for connecting.

The first thing we’ll do is simply connect to a remote machine. This is accomplished by running ‘ssh hostname’ on your local machine. The hostname that you supply as an argument is the hostname of the remote machine that you want to connect to. By default ssh will assume that you want to authenticate as the same user you use on your local machine. To override this and use a different user, simply use remoteusername@hostname as the argument. Such as in this example:

ssh username@username@IPaddress (or domain)

On my Digital Ocean account it looks something like this: ssh -i /home/localuser/.ssh/ root@123.45.678.90 In this example I included the path to my public key.

The first time around it will ask you if you wish to add the remote host to a list of known_hosts, go ahead and say yes.

The authenticity of host ‘123.45.678.90’ can’t be established. RSA key fingerprint is 53:b4:ad:c8:51:17:99:4b:c9:08:ac:c1:b6:05:71:9b. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added ‘123.45.678.90’ (RSA) to the list of known hosts. Type “yes”

Generating Your Public/Private Key Pair

On your local computer’s command prompt enter the command ‘ssh-keygen -b 4096’ to generate a strong key.

ssh-keygen -b 4096

It should display the following:

It will prompt you for the location of the keyfile. Unless you have already created a keyfile in the default location, you can accept the default by pressing ‘enter’.

Next it will ask you for a passphrase and ask you to confirm it. Make it something unique and complex.

Installing your public key automatically

To easily install your public ssh key on a remote host you can use the ssh-copy-id program by running this command:

ssh-copy-id yourusername@IPaddress

It will prompt you for your password on the remote host and and then install your public key on the remote machine.

If you would like to learn some basic commands that you can run from the SSH command prompt go here.