SDB:OpenSSH basics

Jump to: navigation, search
This article covers the absolute basics to quickly gain remote access to your computer. This article assumes your are using the default configuration, as how it was installed by openSUSE. You will root access in order to modify necessary settings.

Tested on openSUSE

Related articles

Startup SSHD

SSHD is the daemon that is going to listen for incoming connection. Also it controls certain security rules, which you can set in a configuration file. The daemon is run on the server, the host you want to log in to from a remote site. OpenSSH, SSHD, is installed in openSUSE by default.

1. You need to enable and start SSHD. In a terminal issue:

$ systemctl enable sshd

$ systemctl start sshd

2. You need to open port 22 on the firewall.

  • Open Yast2 > Firewall.
  • Make sure your interfaces are appointed to the External zone.
  • In Allowed services select SSHD and add it to the list.
  • Save configuration and exit.

3. If you want SSHD to start automatic on every boot: Open Yast2 > System services and enable SSHD.


Remote login

If you specify an address in the ssh command, this can be a domain name, a host name set in /etc/hosts (eg. localhost) or an IP adress. So ssh.host.org and 192.168.1.104 are both valid addresses. If you are trying to login under a different user name you have to specify it in front of the command, user@. If you want to use the same user name on the remote host, this option can be omitted.

Now try

$ ssh user@ssh.host.org

Of course replace it with the user and address for your remote host.

If the connection can be made and this is the first time you connect to the server, you will be prompted with the following:

The authenticity of host '"hostname" ("host ip")' can't be established. 
RSA key fingerprint is :::::::::::::::.
Are you sure you want to continue connecting (yes/no)?

You will have to type the full word yes to proceed. This will create the encryption keys between the the hosts.

Then you will be asked for the password of the user. Even if the user is non-existed or not authorized to log in trough ssh, you will still get 3 changes to enter the password. (But it will be denied every time).


Security

You now opened a way for people to log in to your computer. If someone knows your password, or simply brute force it, they could break in your computer. It is very recommended to at least start reading configure openSSH. Here you can learn how to set different security settings and where to look for more.


See Also

Related articles

External links