What is SSH?

SSH stands for Secure Shell, one of the most popular network protocols.

SSH uses cryptography to authenticate and encrypt connections between devices. To be more specific, it uses asymmetric encryption. Cryptography is out of scope for this article, though.

How to Generate an SSH Key Pair?

On a Linux machine (or Mac), you can simply run:

ssh-keygen -t rsa -C "your_email@example.com"
  • -t: Type of key; typically you would use rsa or ed25519.
  • -C: Comment; typically you would use your name or email. Used for identifying whose key it is.
  • -b: Length of the key in bits, optional.

You will be prompted with a few questions; it’s okay to accept the default for all of them. If you didn’t specify a custom key file name or a custom key file path, you will find the created key files here:

~/.ssh/id_rsa.pub
~/.ssh/id_rsa

Default file names follow the type of the key, so it can be id_ed25519.pub.

filename.pub is the public key that is safe to share with everyone. filename without an extension is the private key that you must keep as a super secret.

How to Login to a Linux Server for the First Time?

You will be provided with one of the following options:

  • Browser-based terminal
  • Username and password
  • pem or ppk file (e.g. when you launched an EC2 instance via the AWS dashboard)

SSH with Username and Password

The default SSH port is 22, but it can be set to a different one (usually on managed servers). You can use this command to SSH in with a username and password; here -p selects port 7822:

ssh username@server_ip -p 7822

You will be prompted for the password.

SSH with PEM File

Assume that you got a PEM file from AWS. You can use this command to SSH in:

ssh username@server_ip -i filename.pem

-i: Identity file.

The PEM file is essentially a private key (also called an identity file), pre-generated by AWS.

How to Login with Your Own SSH Key

Entering a password or passing an identity file every time you log in to a server gets tedious. Instead, you can make it easy by “registering” your public key. Here’s how:

Open ~/.ssh/authorized_keys on the server, or create the file if it does not exist yet, like so: touch ~/.ssh/authorized_keys.

Append the contents of your public key to the end of that file.

Now, type this command on your local machine terminal and you are in!

ssh username@server_ip
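
The registration steps above as a server-side shell function. This is an added example, not part of the original article: the name install_pubkey and its arguments are hypothetical, and the 700/600 permissions are what OpenSSH's default StrictModes check expects. It refuses a private key supplied by mistake and never adds the same key twice.

```shell
#!/bin/sh
# install_pubkey PUBKEY_FILE [HOME_DIR]   (hypothetical helper, run on the server)
# Appends one public key to HOME_DIR/.ssh/authorized_keys exactly once.
install_pubkey() {
    pubkey_file=$1
    home_dir=${2:-$HOME}
    ssh_dir=$home_dir/.ssh
    auth_file=$ssh_dir/authorized_keys

    [ -r "$pubkey_file" ] || { echo "cannot read $pubkey_file" >&2; return 1; }

    # Only the .pub file is ever registered; stop if this is the private half.
    if grep -q 'PRIVATE KEY' "$pubkey_file"; then
        echo "refusing: $pubkey_file looks like a private key" >&2
        return 2
    fi

    # Use the first non-empty line and check it starts with a known key type.
    key_line=$(grep -v '^[[:space:]]*$' "$pubkey_file" | head -n 1)
    case $key_line in
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
        *) echo "not an OpenSSH public key line" >&2; return 3 ;;
    esac

    # sshd ignores authorized_keys when these are writable by other users.
    mkdir -p "$ssh_dir" && chmod 700 "$ssh_dir" || return 4
    touch "$auth_file" && chmod 600 "$auth_file" || return 4

    # -x whole line, -F fixed string: nothing to do if the key is registered.
    if grep -qxF -- "$key_line" "$auth_file"; then
        return 0
    fi

    # If the file lacks a trailing newline, add one so keys do not run together.
    if [ -s "$auth_file" ] && [ -n "$(tail -c 1 "$auth_file")" ]; then
        printf '\n' >> "$auth_file"
    fi
    printf '%s\n' "$key_line" >> "$auth_file"
}
# Usage on the server: install_pubkey /path/to/id_ed25519.pub
```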

More on the PEM File from AWS

When you launch an EC2 instance via the AWS dashboard, AWS creates an SSH key pair for you, adds the public key to the server, and gives the private key to you. That’s what you get: filename.pem.

What about a PPK file? It’s specific to Windows users. PuTTY, a popular SSH client for Windows, requires a PPK file instead of a PEM file.

You now have the fundamentals of how to use SSH to access cloud servers. Congrats!

Happy networking! 😎