Dive Into Systems

17.3. Remote Access

Often times users want to remotely log into to Unix machines or copy files from one machine to another. Secure Shell (SSH) is useful for remotely logging into a Unix machine from another machine that running Unix or running another operating systems like Windows and MacOS. And Secure Copy (SCP) is useful for copying files from one system to another.

17.3.1. Remote Login

You can log into a remote Unix machine using the ssh command. ssh provides encrypted communication between the host machine that you run ssh from and the remote machine that you connected to.

To SSH into a remote machine, list the username on the remote machine followed by the machine’s Internet hostname. For example, if Sarita wanted to remotely log into her sarita account on the machine cs87 on cs.college.edu network from her laptop, she would enter the following command (to clarify which machine is executing each of these commands, the laptop$ prompt is the shell prompt on Sarita’s laptop, and the cs87$ prompt is the shell prompt on the remote machine).

laptop$ ssh sarita@cs87.cs.college.edu

If successfully connected, the ssh server running on the remote machine will ask the user to enter their password on that machine. Once successfully remotely logged in, ssh starts a unix shell on the remote machine through which the user can access files and run applications on the remote system.

laptop$ ssh sarita@cs87.cs.college.edu
sarita@cs.college.edu's password:
cs87$

Remotely connecting with SSH from non-Unix OSs

To ssh into a Unix system from a non-Unix system you may need to first install an SSH client on your machine, however it is likely already installed. You then need a terminal window to run ssh On MacOS, open and use the terminal application. On Windows machines, you can either use PowerShell or install and use Putty.

17.3.2. Remote File Copy

If you want to transfer files to or from a machine on a remote system you can use scp (secure copy). The scp command looks much like the cp command except that one of either the source or the destination is specified as a pathname on a remote machine. Like, ssh, scp requires the user to type the password of the user on the remote machine to allow access to the files being copied or from on the remote system. If scp is successful, it displays some statistics about the file being copied including the size of the file in bytes, the average transfer rate, and the total transfer time.

For example, to copy the file named prog.c from your home machine to the sam user on the cs87.cs.college.edu machine, you would type:

# scp prog.c into home directory on cs87.cs.college.edu
laptop$ scp prog.c sam@cs87.cs.college.edu:.
sam@cs.college.edu's password:
prog.c                  100%  282    56.4KB/s   00:00

# scp prog.c into CS31 subdirectory on cs87.cs.college.edu
laptop$ scp prog.c you@cslab.cs.college.edu:./CS31/.
sam@cs.college.edu's password:
prog.c                  100%  282    56.4KB/s   00:00

You can also copy files from a remote machine to a local machine using the remote path name as the source command line argument to scp. For example, to copy a remote file unix_notes/basics from the sarita user’s files on the remote system to the current directory on your home machine, do:

laptop$ scp sarita@cs87.cs.college.edu:./unix_notes/basics ./
sarita@cs.college.edu's password:
basics                  100%   78   86.3KB/s   00:00

If you want to transfer many files, it is useful to package them up into a single archive file first. Then copy over the archive file, and unpack it to get the set of files. In addition, compressing the file before transfer will decrease the total transfer time. The tar utility is one way to pack and unpack files, and gzip and bzip2 are two examples of file compression utilities. See [targzbz] for more information on using tar and file compression.

Generating SSH Keys

For remotely connecting to a Linux machine, you don’t need to generate ssh keys; by default ssh uses your username and password on the remote system you are connecting to for authentication. However, for some websites, like GitHub, you may need to upload your public ssh key to its web server to access some of its resources. ssh uses public-private key encryption to encrypting data to be sent securely over a network connection. The type of encryption ssh uses is known as asymmetric encryption, where your private key on your host machine (the client) is used to encrypt outgoing data that is sent over the network to a server, and the server uses your public key to decrypt your message. The server encrypts its response using your public key before sending it back to you on the network, and when the ssh client receives the message it is decrypted using your private key. In order to get this to work, you first need to create an ssh public-private key pair, and then upload your public key to the server (and keep your private key private on your client machine).

To generate an ssh key, run ssh-keygen -t rsa. It will prompt you for a key-location, which by default is in your ~/.ssh directory, and ask you to enter your passphrase for the ssh key you are generating:

$ ssh-keygen -t rsa
Generating public/private rsa key pair.
...

If successful, this creates two new files in your ~/.ssh directory:

id_rsa: your private key (don’t share this one)
id_rsa.pub: your public key (the one you can upload to web servers)

You can then copy and paste the contents of your id_rsa.pub file to the web server that requires it.

You can also use this method to upload your public key to remote hosts to connect using your key passphrase rather than your password.

17.3.3. References

For more information see:

The man pages (e.g., man ssh)
ssh basics from linuxhandbook.com
Putty
VNC Viewer