ELI5: What is SSH and how does one use it?
Arjun Aravind • 20 June 2021 • 7 min read Just like using dark mode in your text editor or entering commands in a terminal, SSH is just one of those things that makes you feel like a real coder when you're using it.It's also a really useful tool, especially if you're involved in developing websites or web APIs or just about anything that involves a server.
In this article, we'll be looking at how SSH can be used, how it works and maybe some more advanced concepts, if we have the time. I thought it'll be better to showcase the applications first, to make things easier.
And without any further ado, let's go!
Where is SSH used and how?
The most common usage of SSH is to login into a remote server and enter commands on that server's command-line. But let's get into a bit of background here first...
---------------
For any website to be accessed over the internet, it needs to store the HTML, CSS and Javascript files, that make it up, on a server. A server (in our case) is basically a computer that is always on and gives the required website files and data to browsers which ask for it.
- To know more about how websites and servers work, check out this article on HTTP!
However, servers are remote, meaning that they could be located anywhere in the world. They also usually don't have a graphical user interface. And I'm sure you're thinking here.....so how the hell are we supposed to load the website codes onto them?
Fear not, for we have SSH!
Using SSH, we can login into a server, that could be located anywhere, and run commands on it's command-prompt. In fact, I'm actually using one for this website. Let me show you.
In my computer's terminal, I go and enter this command
ssh root@143.120.183.910
where root
is the username I am logging into the server as, and 143.120.183.910
is the IP address of my server.
I will then be prompted for a password which I will enter. The password must match with the username that I am logging into the server as.
Aaand BOOM! This is what I'll see when I'm successfully logged in!
Amazing, right? That's the command-prompt of the server I wanted to use! To confirm, look at the operating system information on the top. It says it's using Ubuntu while my computer runs OS X.
Now that I'm into the server, I can run a bunch of commands and copy my website files to this server or even edit them right here.
Any tools that are available in the command-line (and trust me, there's a lot) can now be used by you in the server using SSH.This is one of the major applications of SSH. There's a lot more, such as SSH Tunneling, but those are for a later article. Let's move on to see how it works.
So exactly what is SSH and how does it work?
Alright, so in the previous section, I used the SSH tool to show you what it can do. However, The usage of the word 'SSH' might have been a bit inaccurate...
SSH (Secure Shell Protocol) itself isn't a software or even some sort of tool, it's basically a bunch of rules and instructions (in other words, a protocol) on how to send data between two computers securely.
Programs which implement these rules and instructions are what we use to do all of the things that SSH enables us to do. For example, the program we used above, for logging into my website server, is OpenSSH.
---------------
For SSH to work between two computers, there needs to be two specific SSH programs installed. The computer from which you are trying to connect must have an SSH client installed while the computer you are trying to connect to must have an SSH server.
- Now, an SSH 'server' is not the same as a web server, which we discussed earlier. Think of the SSH server as just another software or program running on a computer.
There are now two things that will happen:- authentication and command execution.
Authentication
When you enter a command such asssh root@143.120.183.910
in your command-prompt, the SSH client on your computer will first establish a secure channel with the SSH server located in the computer with the IP address 143.120.183.910
.
- The secure channel is established using asymmetric encryption. It's not really important to understand this now but you can read more about it here if you'd like.
After this, the SSH client on your computer prompts you for a password. Once you've entered it, the SSH client sends it, along with the username, to the SSH server on the destination computer.
The SSH server will check if there exists a user with the given password on the destination computer. If yes, the SSH server will send a success message to the SSH client and now a connection between the two will be fully and securely established.
If no, the SSH server will send a failure message to the SSH client which will prompt you again for a correct password.
Command Execution
Once the connection has been successfully established with the SSH client and SSH server, the SSH server will now be listening from any inputs from the SSH client. The SSH client, meanwhile, will be prompting the user to enter any commands.When the user enters a command, the SSH client will send the command to the SSH server. The SSH server will evaluate the command on the computer it is on and send the results back to the SSH client. The SSH client will the print the results as output in your computer's command-prompt.
This cycle keeps repeating until the user closes the SSH connection by entering 'exit'. I made a little comic to illustrate this! Hope this made it clearer! This kind of mechanism is called a 'client-server' architecture. It's used in other network-based applications too; such as the HTTP request/response cycle, databases, etc.
What are the advantages of using SSH over other similar technologies?
So, there are actually a lot of protocols and applications which let one access a remote server. One popular example is Telnet, which was a precursor to SSH.
The major advantage is that SSH is secure. Even on unsecured data transmission mediums, it can create a secure channel using asymmetric encryption and can securely exchange keys. All of the data that passes through it is encrypted.
Another advantage is that it offers a wide variety of options. For example, instead of entering a password, you could opt for a 'passwordless' login by generating your own set of encryption keys (check out ssh-keygen when you have time).
- You can also choose to pass in just one command to be executed and exit immediately.
This can be done like this:-
.ssh root@143.120.183.910 "cat /home/hello.txt"
The command should be passed in as shown through quotes.
---------------
So, I hope this article shed some light on SSH, how it works and how to use it for you. Feel free to contact me about any criticisms, mistakes or feedback that you have. Cheers!