- 1 SSH (EN)
- 2 SSH (NL)
SSH means "Secure shell". Using SSH, it is possible access a command line on the web server. Using SSH has many afvantages: it is lightweight, it is designed with security as the most important criterium, it is supported on many platforms, and it is a well known method to manage computer systems from a distance.
for you, as a web hosting user, SSH is especially useful if you:
- want to modify cron jobs yourself
- have written scripts to automate certain aspects of your site
- wish to use programs such as Drush or wp-cli
Logging in without passwords
Logging in without passwords sounds contradictory, but off course doesn't mean we let users log on without authentication. We just use another mechanism to do so: public key authentication. Put in layman's terms, you need a so called "key pair", which consist of two parts - two separate files.
- a private key, which is yours, personal, and secret. Keep it on your computer and never copy it anywhere else.
- a public key, which does not contain any secrets, and which you can send worrylessly out into the world.
A key pair can be generated on any computer with the correct software (see below). Then, send us the public key, and we will add it to your account. People who don't have a private key which matches the public key linked to your account will not be able to log on.
For more in depth background information, see ssh.com.
Creating an SSH Key Pair with Putty
PuTTY is a Free Open Source Software (FOSS) solution for Windows that allows Windows users to generate SSH keys and use them to access Linux servers via an SSH connection.
- Download and run the PuTTY "Installer" from this page: http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
- Generate a private and public key pair:
- Go to the Windows Start menu -> All Programs -> PuTTY and open PuTTYgen
- Select the correct type of SSH key to generate as indicated with a red box in the image below
- Click the 'Generate' button and PuTTYgen will ask you to make some random movement with your mouse until it has enough random data to generate a secure key for you
- Click the 'Save private key' button and save the resulting file somewhere safe and only accessible by you!
- Export Public key to the Linux server:
In the grey box at the top, entitled 'Public key for pasting into OpenSSH authorized_keys file' (in the picture below what is highlighted in the red box), there will be a string of characters.
Copy all of this string into an email and send it to your contact person at VUB helpdesk, as per the opening instruction on this page.
That's it, you're done!
Setting Up an SSH Session with SSH Keys in PuTTY
When you recieve a confirmation from the hosting team that your public key has been added to your website on the webserver, we can use PuTTY (or whatever application that can use ssh with public keys) to connect to it. We will do this by setting up and saving a session. This way we will be able to quickly reconnect at a later time with all of our settings saved.
Open PuTTY and click on the plus sign of the "SSH" category in the navigation menu:
Within this category, click on the "Auth" sub-category. There is a field on this screen asking for the "Private key file for authentication". Click on the "Browse" button:
Search for the private key file that you saved. This is the key that ends in ".ppk". Find it and select "Open" in the file window:
Next, in the Navigation menu, click on the plus sign of the “Connection” category. You will see a sub-menu with a sub-category “data”. Click on “Data” and then fill in the text box like here below.
The user to fill in is “<username>”
Now, in the navigation menu, we need to return to the "Session" category screen that we started at. This time, we need to create a name for the session that we will be saving. This can be anything, so select something that will help you remember what this is for.
When you are finished, click on the "Save" button.
You now have saved all of the configuration data needed to connect to your new server.
Connect to Your Server Using the Saved PuTTY Session Now that you have your session saved, you can recall these values at any time by returning to the "Session" screen, selecting the session you would like to use in the "Saved Sessions" section, and click "Load" to recall the settings. This will auto-fill all of the fields with the values you initially selected. When you are ready to actually connect to your server, on the "Sessions" screen, click the button at the bottom that says "Open" after you have loaded your session:
The first time that you connect with the remote host, you will be asked to verify the identity of the remote server. This is expected the first time you connect to a new server, so you can select "Yes" to continue.
Afterwards, you should immediately be logged into your new server without ever having to type in a password If you've gotten this far, you've successfully configured SSH keys with your web server!
Creating an SSH key pair with ssh-keygen
Most Linux distributions come with OpenSSH included. First of all, open a terminal window.
- To install it, use these commands:
- on Debian, Ubuntu, or Mint:
$ sudo apt-get install openssh-client
- on Fedora, CentOS, or Red Hat Enterprise Linux:
# yum install openssh openssh-clients
- on Debian, Ubuntu, or Mint:
- Type the following command:
$ ssh-keygenYou can accept the default file locations (.ssh/id_rsa and .ssh/id_rsa.pub in your home directory for the private and public key, respectively), and optionally enter a password (this is recommended to prevent someone who steals your data or computer from abusing your private key).
- send us the public key! hint: .ssh is a hidden directory...
Logging on to the web server using SSH
This is going to be a very short tutorial:
$ ssh <username>@<servername>
If you don't get any errors and a prompt appears, saying
then you are logged in!
SSH staat voor Secure Shell. Met SSH is het mogelijk een remote commandolijn te krijgen op onze webserver. SSH heeft tal van voordelen: het is licht in gebruik, ontworpen met veiligheid als belangrijkste vereiste, ondersteund op vele platformen, en een goed ingeburgerde manier om op afstand systemen te beheren.
SSH is voor u als hosting-gebruiker vooral nuttig indien u: