17.6. Configuring an OpenSSH Client
To connect to an OpenSSH server from a client machine, you must
have the openssh-clients
and openssh packages
installed on the client machine.
17.6.1. Using the ssh Command
The ssh command is a
secure replacement for the rlogin, rsh, and telnet commands. It allows you to
log in to a remote machine as well as execute commands on a
remote machine.
Logging in to a remote machine with ssh is similar to using telnet. To log in to a remote
machine named penguin.example.net, type the following command
at a shell prompt:
ssh penguin.example.net
The first time you ssh to
a remote machine, you will see a message similar to the
following:
The authenticity of host 'penguin.example.net' can't be established.
DSA key fingerprint is 94:68:3a:3a:bc:f3:9a:9b:01:5d:b3:07:38:e2:11:0c.
Are you sure you want to continue connecting (yes/no)?
Type yes to
continue. This will add the server to your list of known
hosts (~/.ssh/known_hosts) as seen in
the following message:
Warning: Permanently added 'penguin.example.net' (RSA) to the list of known hosts.
Next, you will see a prompt asking for your password for the
remote machine. After entering your password, you will be at
a shell prompt for the remote machine. If you do not specify
a username the username that you are logged in as on the
local client machine is passed to the remote machine. If you
want to specify a different username, use the following
command:
ssh username@penguin.example.net
You can also use the syntax ssh -l
username
penguin.example.net.
The ssh command can be
used to execute a command on the remote machine without
logging in to a shell prompt. The syntax is ssh hostname
command. For example,
if you want to execute the command ls /usr/share/doc on the remote
machine penguin.example.net, type the following command at a
shell prompt:
ssh penguin.example.net ls /usr/share/doc
After you enter the correct password, the contents of the
remote directory /usr/share/doc will be displayed,
and you will return to your local shell prompt.
17.6.2. Using the scp Command
The scp command can be
used to transfer files between machines over a secure,
encrypted connection. It is similar to rcp.
The general syntax to transfer a local file to a remote
system is as follows:
scp <localfile> username@tohostname:<remotefile>
The <localfile> specifies
the source including path to the file, such as /var/log/maillog. The
<remotefile> specifies the
destination, which can be a new filename such as /tmp/hostname-maillog. For the
remote system, if you do not have a preceding /, the path will be relative to
the home directory of username,
typically /home/username/.
To transfer the local file shadowman to the home directory
of your account on penguin.example.net, type the following
at a shell prompt (replace
username with your username):
scp shadowman username@penguin.example.net:shadowman
This will transfer the local file shadowman to /home/username/shadowman
on penguin.example.net. Alternately, you can leave off the
final shadowman in the scp command.
The general syntax to transfer a remote file to the local
system is as follows:
scp username@tohostname:<remotefile> <newlocalfile>
The <remotefile> specifies
the source including path, and
<newlocalfile> specifies
the destination including path.
Multiple files can be specified as the source files. For
example, to transfer the contents of the directory downloads/ to an existing
directory called uploads/ on the remote machine
penguin.example.net, type the following at a shell prompt:
scp downloads/* username@penguin.example.net:uploads/
17.6.3. Using the sftp
Command
The sftp utility can be
used to open a secure, interactive FTP session. It is similar
to ftp except that it uses
a secure, encrypted connection. The general syntax is
sftp
[email protected]. Once
authenticated, you can use a set of commands similar to those
used by FTP. Refer to the sftp man page for a list of these
commands. To read the man page, execute the command man sftp at a shell prompt. The
sftp utility is only
available in OpenSSH version 2.5.0p1 and higher.