Remote Access

Accessing the remote device

- telnet

- ssh

- vnc
SSH - Secure shell
It is a cryptography protocol used to access the shell of remote device in a secure way

It is a server - client model

Port number - 22/tcp

Two ways of authentication

Password authentication

Without password authentication (key-based authentication)

Client software

Linux (CLI) - openssh-clients

Windows or Linux (GUI) - putty, superputty, solarputty, gitbash

Remote login from linux cli(password authentication)
ssh root@servera

or

ssh root@10.0.0.10
Note:

● By default sshd service will run and allowed via firewall in latest version of rhel and
works in password based authentication

Remote public key - /etc/ssh/*.pub

Local known host - ~/.ssh/known_hosts

Key based authentication is more secure than password based authentication

Remote login from linux cli(key authentication)
#generate rsa key pair
ssh-keygen

or

#generate dsa key pair

ssh-keygen -t dsa
Default location of private/public key pair in key generated host

~/.ssh/id_rsa
~/.ssh/id_rsa.pub

or

~/.ssh/id_dsa
~/.ssh/id_dsa.pub

Note:

● private/public key pair can be in different location by defining in ssh-keygen command

#send the key to remoteusers authorized key
ssh-copy-id user1@servera

#try logging in
ssh user1@servera

Note:

● ssh-copy-id command places the local public key to remote users

~/.ssh/authorized_keys

● ssh-copy-id command works with password authentication enabled in remote host by

default
Key authentication with passphrase
#generate rsa key pair with passphrase
ssh-keygen

or

#generate dsa key pair with passphrase

ssh-keygen -t dsa

#send the rsa/dsa key to remoteusers authorized key

ssh-copy-id -i demo.pub user1@servera

#try logging in
ssh -i demo user1@servera
Note:

● To protect the private key passphrase is set

● It will prompt for the passphrase of the key, not the password of remote user while
logging in
SSH server configuration
#install software

yum install openssh-server -y

#start and enable service

systemctl start sshd

systemctl enable sshd

#allow ssh via firewall

firewall-cmd --add-service=ssh --per

firewall-cmd --reload
#edit configuration

vim /etc/ssh/sshd_config

Port 22

PermitRootLogin no

PasswordAuthentication no

#restart service

systemctl restart sshd

SCP - Secure copy
SCP
Copies files securely from local to remote and remote to local

Linux to Linux - SCP

Windows to Linux - WinSCP

Local to remote copy

scp -r /share1/* user1@servera:/home/user1

Remote to local

scp -r user1@servera:/home/user1/* /tmp