SSH is extremely practical for using applications installed on your computer, and remotely manage a server and the services it provides. However, to use it to recover or send files, the command line often becomes impractical, especially when you want to receive or send many files. For this I wrote this tutorial teaching how to use SSH to send or receive files extremely simple way, trying to eliminate the difficulties that many have when use this resource.
We hope it is useful!
We hope it is useful!
1. Access to SSH server from different platforms
1.1 First step: configure the server
Installing an SSH server on a “Debian” system (or similar to this, like the
Ubuntu) is simple. Just run the command:
Command function
sudo apt-get install ssh Install an SSH server and enable it with the default settings
Setting up an SSH server changes the configuration file that is
located in :
Location function
/ etc / ssh / sshd_config Global configuration file for an SSH server
In this paper, we will only deal with client configuration aspects, as expected
service users.
1.2 Generation of a cryptographic key
Some SSH servers use a file containing a password for user authentication.
Installing an SSH server on a “Debian” system (or similar to this, like the
Ubuntu) is simple. Just run the command:
Command function
sudo apt-get install ssh Install an SSH server and enable it with the default settings
Setting up an SSH server changes the configuration file that is
located in :
Location function
/ etc / ssh / sshd_config Global configuration file for an SSH server
In this paper, we will only deal with client configuration aspects, as expected
service users.
1.2 Generation of a cryptographic key
Some SSH servers use a file containing a password for user authentication.
Cryptographic key which, it is expected, will have only the real user. Right now, the question always arises: “Why not just use a password?.” The answer to this question is that passwords are more vulnerable than cryptographic keys. Passwords can subject to “dictionary attacks” or captured by certain programs if others computers are used to access the server.
Pay due attention, how to keep the file on a medium
separate (floppy, CD or DVD, pen drive) and away from the Internet, the level of security achieved with the cryptographic key is far superior to that of a password.
The following command can be used to create a cryptographic key with the RSA algorithm 1024 bits in size and must be run on the server to access, even if it is, you can run the command on the local computer and send the key to the server by entering it your default route. We recommend keeping the default options by simply pressing.
ENTER for all options.
Command function
ssh-keygen -t rsa -b 1024 Generate a cryptographic key
The keys created will be saved in the files /home/usuario/.ssh/id_rsa and /home/usuario/.ssh/id_rsa.pub
(respectively their public and private keys). It is very important that access to
your key has limited access, this can be done by changing the access permissions to 750,
with the following command:
Command function
chmod 750 /.ssh Restricts access permissions for the SSH folder
Next, we need to copy the public key to ∼ /.ssh / authorized_keys. This procedure
enables the newly created key as an authorized key.
Command function
cp ∼ /.ssh / id_rsa.pub ∼ /.ssh / authorized_keys Copy key to the default path
This completes the respective part of creating the key. Keep it in a safe place, and never
broadcast it over the Internet. The following describes how to log in (using it,
or not).
Command function
ssh-keygen -t rsa -b 1024 Generate a cryptographic key
The keys created will be saved in the files /home/usuario/.ssh/id_rsa and /home/usuario/.ssh/id_rsa.pub
(respectively their public and private keys). It is very important that access to
your key has limited access, this can be done by changing the access permissions to 750,
with the following command:
Command function
chmod 750 /.ssh Restricts access permissions for the SSH folder
Next, we need to copy the public key to ∼ /.ssh / authorized_keys. This procedure
enables the newly created key as an authorized key.
Command function
cp ∼ /.ssh / id_rsa.pub ∼ /.ssh / authorized_keys Copy key to the default path
This completes the respective part of creating the key. Keep it in a safe place, and never
broadcast it over the Internet. The following describes how to log in (using it,
or not).
1.3 Access from the Linux operating system
1.3.1 Method 1 — Using the GNOME environment
1. Open any file management window
2. In the Location field, type ssh: //usuario@some.servidor.com and press ENTER
3. If a password is requested, type the user password and press ENTER.
4. The files shown in the window are on the server. Move and copy operations
files can be created through that window
NOTE: If the server being accessed requires a cryptographic key for authentication
cation, must be placed in the /home/usuario/.ssh/ folder with the name, "id_rsa” in the file
computer used.
1.3.2 Method 2 — Using the KDE environment
1. Open any file management window
2. In the Location field, type fish: //usuario@some.servidor.com and press ENTER
3. If a password is requested, type the user password and press ENTER.
4. The files shown in the window are on the server. Move and copy operations
files can be created through that window.
1.3.3 Method 3 — Using the command line
With an open terminal, use the following command lines to access the server
wanted:
With an open terminal, use the following command lines to access the server
wanted:
Using the SSH client
This command should be used to log on to the remote computer as a “local” user. IS
extremely useful for executing commands, controlling applications (with text interface), starting, or stop services, etc.
Command function
ssh usuario@some.servidor.com Log in to the server and provide a command line.
Using the SFTP client
This command should preferably be used to access the remote computer (server) via
SSH like you would an FTP server. Your recommendation is for the transfer (send
and receive) files.
Command function SFTP usuario@some.servidor.com Log in to the server and provide a terminal for the following commands.
LCD Change directory on local computer
ll List files on the current computer
CD Change directory on remote computer (server)
List the files in the current folder on the remote computer (server)
pwd Show current directory on remote computer (server)
lpwd Show the current directory on the local computer
put xxx.xx Sends the “xxx.xxx” file to the current folder on the remote computer
get xxx.xx Receives the “xxx.xxx” file for the current folder on the local computer
Exit Exit
Using the SCP client
It is a tool similar to SFTP but more primitive in that it only allows transfer
between the servers and the local computer. Its use in scripting is recommended
for automatic file transfer thanks to a more automated interface.
Command function
SCP file.local user @ server: / destination / Transmits file.local from client to server on “/ destination /”
ll List files on the current computer
CD Change directory on remote computer (server)
List the files in the current folder on the remote computer (server)
pwd Show current directory on remote computer (server)
lpwd Show the current directory on the local computer
put xxx.xx Sends the “xxx.xxx” file to the current folder on the remote computer
get xxx.xx Receives the “xxx.xxx” file for the current folder on the local computer
Exit Exit
Using the SCP client
It is a tool similar to SFTP but more primitive in that it only allows transfer
between the servers and the local computer. Its use in scripting is recommended
for automatic file transfer thanks to a more automated interface.
Command function
SCP file.local user @ server: / destination / Transmits file.local from client to server on “/ destination /”
1.4 Access via the Microsoft Windows operating system
SSH is not exclusive to UNIX-derived platforms, but it can also
accessible from machines containing Microsoft Windows. For this, you need to download load of specific software, since the system itself does not support this service
It is also stressed there are some incompatibilities between cryptographic key graphics used in different programs. Therefore, these must be converted to a format that the SSH client that will use in Windows is able to understand.
SSH is not exclusive to UNIX-derived platforms, but it can also
accessible from machines containing Microsoft Windows. For this, you need to download load of specific software, since the system itself does not support this service
It is also stressed there are some incompatibilities between cryptographic key graphics used in different programs. Therefore, these must be converted to a format that the SSH client that will use in Windows is able to understand.
1.4.1 Conversion of the cryptographic key
Use of the SSH server in Windows requires that the cryptographic key obtained from The Linux / Unix server (created by OpenSSH or proprietary SSH) is converted to a
format that can be used in this operating system. The following procedure describes
how this conversion can be done:
1. Get the conversion program to:
http://tartarus.org/~simon/putty-snapshots/x86/puttygen.exe
2. Open puttygen.exe and click on Conversions. Import key and select your key.
3. The program will import it, the next step is to convert it and save it in the standard format
for Windows. To do this, click on File. Save private key (don't forget to save
with a different name).
4. The key is converted to the PPK format, used by the PuTTY client and derivatives. next step is the choice of the customer to use.
1.4.2 Access by the PuTTY client
PuTTY is the oldest client for accessing SSH servers through Windows. He for-
provides the user with an environment very similar to that found in * NIX (UNIX or
LINUX), while providing a command line, whose manipulation of files and services
must be run based on the standard client of * NIX systems.
Installation procedure:
1. Download the program on:
http://the.earth.li/ sgtatham / putty / latest / x86 / putty.exe
2. Install and open it.
3. When the program opens, select Session on the left side. On the right side enter
address of the server to be accessed in Host Name and select SSH in Protocol.
4. On the left side, select Connection. SSH. Auth and on the right side in the Private field
Click button Browse and locate the cryptographic key in PPK format
5. Click the Open bottom button
6. PuTTY will try to establish a connection with the server, and then open a line
command, where the same commands described above can be used for the client
linux.
3. When the program opens, select Session on the left side. On the right side enter
address of the server to be accessed in Host Name and select SSH in Protocol.
4. On the left side, select Connection. SSH. Auth and on the right side in the Private field
Click button Browse and locate the cryptographic key in PPK format
5. Click the Open bottom button
6. PuTTY will try to establish a connection with the server, and then open a line
command, where the same commands described above can be used for the client
linux.
1.4.3 Access by the WinSCP client
The WinSCP client has an interface similar to that of an FTP program, where on the left
the local files are located and the server files are on the right, making it much easier
files between the servers and the local computer. On the other hand, this client
offers a command line that restricts server operations to manipulation only
edit files.
The WinSCP client has an interface similar to that of an FTP program, where on the left
the local files are located and the server files are on the right, making it much easier
files between the servers and the local computer. On the other hand, this client
offers a command line that restricts server operations to manipulation only
edit files.
Installation procedure:
1. Get the installer on
http://winscp.net/eng/download.php
2. When the installation is complete, open the program. A configuration window will appear,
which must be completed according to the following options:
Host name: Server_Address
Port number: 22
Username: remote_user
Password: password, if any
Private key file: path to the PPK cryptographic key.
File protocol: SFTP.
2. Tunneling via SSH
One of SSH's most useful features is its ability to create cryptographic tunnels.
As a branch of the TCP / IP protocol, SSH can create a connection between two
computers, intermediate by a remote server which offer the possibility to redirect
data packets. Among other things, this technique allows you to surf the Internet safely
through an insecure connection (such as an unencrypted wireless network) or bypass
service restrictions imposed by a firewall on a local network.
Tunneling via the SSH service allocates a port on the local computer, so that everything
information passed through this port will be redirected to the remote server that will perform the
connection to the external network (such as the Internet). Applications that want to use the connection
the tunnel must be configured to use a SOCKS proxy, with the address, "127.0.0.1”
and whose port should be the same choice when creating the tunnel.
As a branch of the TCP / IP protocol, SSH can create a connection between two
computers, intermediate by a remote server which offer the possibility to redirect
data packets. Among other things, this technique allows you to surf the Internet safely
through an insecure connection (such as an unencrypted wireless network) or bypass
service restrictions imposed by a firewall on a local network.
Tunneling via the SSH service allocates a port on the local computer, so that everything
information passed through this port will be redirected to the remote server that will perform the
connection to the external network (such as the Internet). Applications that want to use the connection
the tunnel must be configured to use a SOCKS proxy, with the address, "127.0.0.1”
and whose port should be the same choice when creating the tunnel.
2.1 Tunneling on Windows with PuTTY
The PuTTY client is able to tunnel by changing some options in its configuration.
Dog.
Configuration procedure:
1. In the PuTTY configuration window, enter the connection options shown above.
This tutorial for the basic configuration of PuTTY.
2. On the left side, select Connection. SSH. Tunnel, and on the right side check the
“Local ports accept connections from other hosts” option.
3. Still in the right side, in “Add new port forwarded”, fill in the “Origin door” field with
a number greater than 1000 (in this example, we will assume the option of the random port
1080).
4. Right below, enter the address of the SSH server to which the connection will be established and checked
under the Dynamic and Auto options
5. Press Open. The tunnel is established!
2.2 Tunneling in Linux using OpenSSH
Tunneling on Linux is simpler than on other operating systems. Only
you need to run the following command in the shell:
Tunneling on Linux is simpler than on other operating systems. Only
you need to run the following command in the shell:
Command function
ssh -D 1080 user@some.server.com Create an SSH tunnel redirected through port 1080.
NOTE: Any port greater than 1000 can be specified, not just the 1080 port.
2.3 Instructions for use
Applications that want to use the service (such as browser, email client,
and so on) must be configured to use a proxy connection as specified
under:
Proxy type: SOCKS
Proxy address: 127.0.0.1
Port: 1080 (or whatever was specified when creating the tunnel)
SOCKS version: SOCKSv5
Report
