Akshay Dhan

Akshay Dhan

Senior Research Fellow at Computer Science Unit, ISI Chennai centre

Mastering SSH: Tips and Tricks for Efficient Remote Connections

4 minute read

Published:

SSH (Secure Shell) is a powerful tool for establishing secure remote connections and executing commands on remote computers. In this blog post, we will explore some essential tips and tricks to enhance your SSH experience and make your remote connections more efficient and secure.

Tip 1: Use SSH Keys! Not Passwords!

One of the best practices in SSH is to use SSH keys instead of passwords for authentication. SSH keys provide stronger security and eliminate the need to remember and enter passwords each time you connect to a remote server. Additionally, you can further enhance security by disabling password authentication altogether.

To generate an SSH key pair, open a terminal and run the following command:

ssh-keygen -f ~/.ssh/<filename> -t ed25519 -a 100

Replace <filename> with the desired name for your key pair. This command generates an Ed25519 key with a key derivation function (KDF) cost factor of 100.

Instead of Ed25519 we can use -t rsa -b 2048, it uses RSA (Rivest-Shamir-Adleman) is an older algorithm that has been widely used for decades and is considered secure when using a sufficiently large key size, such as 2048 bits or higher. Ed25519, on the other hand, is a relatively new algorithm based on elliptic curve cryptography (ECC) and is designed to be more efficient and secure with a shorter key lengths.

Tip 2: Copy SSH Public Key to Remote Server

After generating your SSH key pair, you need to copy the public key to the remote server to enable passwordless authentication. Use the following command:

ssh-copy-id -i ~/.ssh/<filename>.pub user@domain

Replace <filename> with the actual name of your key pair and provide the appropriate username and domain for the remote server. This command securely transfers the public key and adds it to the authorized_keys file on the remote server.

Tip 3: Utilize ssh-agent for Key Management

If you encounter issues while connecting to the remote server even after setting up SSH keys, it might be due to the key not being added to the ssh-agent. The ssh-agent is a program that holds private keys in memory, allowing you to use them without entering a passphrase repeatedly.

To add your private key to the ssh-agent, use the following command:

ssh-add ~/.ssh/<filename>

Replace <filename> with the actual name of your private key. This command adds the private key to the ssh-agent, and you can use the -A option to forward the same keys to the remote host upon login.

Tip 4: Simplify SSH Connections with the Config File

Manually specifying connection details for each SSH session can become cumbersome. To simplify the process, you can use the SSH config file to define host-specific configurations.

Open the SSH config file located at ~/.ssh/config and add the following configuration:

Host RemoteHost
	HostName <ip-address>
	IdentityFile ~/.ssh/<filename>
	User <username>

Replace <ip-address> with the IP address or domain name of the remote host, <filename> with the actual name of your private key, and <username> with the username on the remote server.

By defining these configurations, you can establish an SSH connection to the remote host simply by running ssh RemoteHost.

Tip 5: Disable Password Authentication

After setting up your SSH key pair, it’s essential to disable password authentication to enforce key-based authentication. Follow these steps to disable password authentication:

  1. Open the SSH server configuration file on the remote server. The file is usually located at /etc/ssh/sshd_config.
  2. Look for the line that specifies PasswordAuthentication and change its value to no.
  3. Save the changes and exit the editor.
  4. Restart the SSH service on the remote server for the changes to take effect.

With password authentication disabled, you can now connect to the remote server using only your SSH key, providing an extra layer of security for your SSH connections.

Remember to keep your private key secure and use a strong passphrase when generating the key pair. Additionally, ensure that you have a backup of your private key to avoid any potential data loss.

Bonus Tip: Boost Productivity with Tmux

Tmux is a terminal multiplexer that allows you to manage multiple terminal sessions within a single SSH connection. It enables you to split the terminal window, create multiple panes, and switch between them effortlessly.

To install Tmux, use the appropriate package manager for your operating system. Once installed, you can start a new Tmux session by running tmux in your SSH terminal. Refer to the earlier section in this blog for essential Tmux commands.

You May Also Enjoy

Managing Multiple Email Addresses: A Solution

1 minute read

Published:

The tribulations of academia lie in our continued reliance on emails. An unencrypted multitude of email addresses abounds, yet the challenge remains in managing them all. … – anon

Some of my favorite xkcd comics.

less than 1 minute read

Published:

Everyone requires a stress release to avoid mental and physical breakdowns. Enter xkcd, Randall Munroe’s webcomic. If science, math, or programming tickle your funny bone, the stick-figure comics are a must-read. Indulge in xkcd at your leisure and utilize explainxkcd for clarifications and don’t overlook the captions. Here are a few of my all-time favorites.

Navigating Misinformation: A Digital Survival Guide

3 minute read

Published:

In today’s digital age, we find ourselves in a constant battle against the relentless waves of misinformation. The information landscape has evolved significantly over the years, and with the advent of social media and advanced technologies, the challenges have grown exponentially. To stay afloat and make informed decisions, we need a digital survival guide. The story of news media and propaganda has a long history, but it has reached new heights in the digital era. Misinformation, or false and misleading information, is disseminated at an unprecedented scale, thanks to social media. The information landscape is in a constant state of flux, and this discussion has never been more pertinent than in today’s global context.

The Intersection of Atheism, Science, and Belief: Reflections Inspired by Kushi

3 minute read

Published:

I recently watched the Telugu romantic comedy film “Kushi” (2023), and its portrayal of atheists sparked some intriguing thoughts that I felt compelled to share. In the movie, the character representing an atheist is depicted as a “science believer,” which, from my perspective, falls short of capturing the essence of atheism. Allow me to elaborate on this matter further. There’s a distinction between what we can call a “strong atheist” and a “science supporter.” A strong atheist, based on the classification by renowned evolutionary biologist Richard Dawkins, is a person who asserts with 100% certainty that there is no God. However, even in this extreme case of atheism, one should not automatically assume a strong inclination toward science. The reason I emphasize the distinction between a “supporter of science” and a “believer” is rooted in the core tenets of scientific thinking. Science is fundamentally about inquiry, skepticism, and the pursuit of knowledge based on empirical evidence. It is not a system of belief but a conceptual tool for understanding the world. In science, one cannot merely believe; one must question in order to comprehend.