SSH and SCP: Complete guide on SSH Remote Server Access
Welcome to the fascinating world of SSH! In this blog, we'll peel back the layers of this essential tool and explore how it enables secure remote access to computers. So, buckle up, fellow tech adventurer, as we embark on a journey through encryption, authentication, and the magic of remote shells!
What is SSH?
SSH stands for Secure Shell. Imagine it as a secure tunnel allowing you to access and control a computer (server) from another machine (client) over a network. No more physically sitting in front of the server - SSH grants you remote access with utmost security.
Why Use SSH?
- Security: Unlike its predecessor, Telnet, SSH encrypts all communication between the client and server, protecting your data from eavesdropping and tampering. Think of it as a secret whisper in a crowded room that only the intended recipient can hear.
- Versatility: SSH isn't just for remote desktops. You can use it for file transfers, running commands, managing servers, and even setting up secure tunnels for other applications. It's like a Swiss Army knife for remote access!
- Efficiency: Need to quickly fix a server issue at 3 AM? No need to rush to the office! SSH lets you manage servers remotely, saving you time and effort.
₹
- Authentication: The server presents its identity, like a passport. The client verifies this identity using a pre-shared secret, like a password or a special key pair. Think of it as checking someone's ID before letting them into your house.
- Secure Shell: Once authenticated, a secure tunnel is established, and the client can send commands and receive data from the server, all encrypted for a safe and private experience.
Beyond the Basics:
Now that you understand the core of SSH, let's explore some advanced features:
- Key Pairs: For enhanced security, consider using SSH key pairs. Think of it as a digital lock and key. The server has the public key, while you keep the private key secret. Only the private key can unlock the server, providing an extra layer of protection compared to passwords.
- Tunneling: Need to access a service behind a firewall? SSH tunneling can create a secure channel, like a secret passage, to access that service remotely.
- Port Forwarding: Want to run a local application on a remote server's port? SSH port forwarding allows you to do just that, making it seem like the application is running locally.
Getting Started with SSH:
Ready to try SSH yourself? Here are some resources to get you started:
- Client software: Many operating systems come with built-in SSH clients. Alternatively, popular clients like PuTTY or OpenSSH are readily available.
- Server setup: Most server operating systems allow SSH configuration and key management.
- Tutorials and guides: The internet is brimming with resources to guide you through setting up and using SSH.
Remember:
- Use strong passwords or key pairs.
- Keep your SSH server software up-to-date.
- Only grant SSH access to authorized users.
With these tips and a little exploration, you'll be navigating the world of SSH like a pro in no time! Feel free to ask any questions you have along the way. Happy remote accessing!
SCP Transfer Flow
Uploading File from Local to Remote Server
┌─────────────────────┐ ┌──────────────────────┐
│ Local Machine │ │ AWS Ubuntu Server │
│ │ │ │
│ myfile.txt │ │ /home/ubuntu/ │
│ (Source) │ │ (Destination) │
└──────────┬──────────┘ └───────────┬──────────┘
│ │
│ 1. Establish SSH Connection │
│──────────────────────────────────────────────>│
│ │
│ 2. Authentication (key/password) │
│<═════════════════════════════════════════════>│
│ │
│ 3. Request file transfer mode │
│──────────────────────────────────────────────>│
│ │
│ 4. Send file metadata (size, permissions) │
│──────────────────────────────────────────────>│
│ │
│ 5. Transfer encrypted file data │
│══════════════════════════════════════════════>│
│ ┌─────────────────┐ │
│ │ Encrypted Data │ │
│ │ ▓▓▓▓▓▓▓▓▓▓▓▓▓ │ │
│ └─────────────────┘ │
│ │
│ 6. Acknowledge receipt │
│<──────────────────────────────────────────────│
│ │
│ 7. Close connection │
│<─────────────────────────────────────────────>│
│ │
Downloading File from Remote Server to Local
┌─────────────────────┐ ┌──────────────────────┐
│ Local Machine │ │ AWS Ubuntu Server │
│ │ │ │
│ /home/user/ │ │ server-data.log │
│ (Destination) │ │ (Source) │
└──────────┬──────────┘ └───────────┬──────────┘
│ │
│ 1. SSH Connection + Authentication │
│<═════════════════════════════════════════════>│
│ │
│ 2. Request file from server │
│──────────────────────────────────────────────>│
│ │
│ 3. Server sends file metadata │
│<──────────────────────────────────────────────│
│ │
│ 4. Transfer encrypted file data │
│<══════════════════════════════════════════════│
│ ┌─────────────────┐ │
│ │ Encrypted Data │ │
│ │ ▓▓▓▓▓▓▓▓▓▓▓▓▓ │ │
│ └─────────────────┘ │
│ │
│ 5. Save file locally │
│ │
│ 6. Connection closed │
│<─────────────────────────────────────────────>│
│ │
Practical SCP Examples
Upload Single File to Remote Server
# Basic syntax
scp local-file.txt ubuntu@ec2-xx-xx-xx-xx.compute-1.amazonaws.com:/home/ubuntu/
# With AWS .pem key
scp -i your-key.pem local-file.txt ubuntu@ec2-xx-xx-xx-xx.compute-1.amazonaws.com:~/
# Upload to specific directory
scp -i your-key.pem document.pdf ubuntu@server:/var/www/html/uploads/
Upload Multiple Files
# Multiple specific files
scp -i your-key.pem file1.txt file2.txt file3.txt ubuntu@server:~/backups/
# All files with pattern
scp -i your-key.pem *.log ubuntu@server:~/logs/
Upload Directory Recursively
# Upload entire directory
scp -i your-key.pem -r /local/directory ubuntu@server:~/remote-directory/
# Example: Upload project folder
scp -i your-key.pem -r ./my-project ubuntu@server:~/projects/
Download File from Remote Server
# Download single file
scp -i your-key.pem ubuntu@server:~/remote-file.txt ./local-directory/
# Download from specific path
scp -i your-key.pem ubuntu@server:/var/log/app.log ./logs/
Download Directory Recursively
# Download entire directory
scp -i your-key.pem -r ubuntu@server:~/remote-folder ./local-folder/
# Example: Download backups
scp -i your-key.pem -r ubuntu@server:/var/backups ./my-backups/
Advanced SCP Options
# Preserve file attributes (timestamps, permissions)
scp -p -i your-key.pem file.txt ubuntu@server:~/
# Compress during transfer (faster for large files)
scp -C -i your-key.pem large-file.zip ubuntu@server:~/
# Limit bandwidth (in Kbit/s)
scp -l 1000 -i your-key.pem file.txt ubuntu@server:~/
# Verbose mode (for debugging)
scp -v -i your-key.pem file.txt ubuntu@server:~/
# Use different port (if SSH is not on port 22)
scp -P 2222 -i your-key.pem file.txt ubuntu@server:~/
Common Issues and Troubleshooting
Permission Denied (publickey)
# Check key permissions
chmod 400 your-key.pem
# Verify correct username (AWS Ubuntu uses 'ubuntu')
ssh -i your-key.pem ubuntu@server # ✓ Correct
ssh -i your-key.pem root@server # ✗ Wrong for Ubuntu
Connection Timeout
# Check AWS Security Group allows port 22 from your IP
# Verify server is running: ping ec2-xx-xx-xx-xx.compute-1.amazonaws.com
Host Key Verification Failed
# Remove old key from known_hosts
ssh-keygen -R ec2-xx-xx-xx-xx.compute-1.amazonaws.com
Summary
SSH Quick Reference
- Connect:
ssh -i key.pem ubuntu@server - With config:
ssh aws-ubuntu - Execute command:
ssh ubuntu@server "ls -la" - Port forwarding:
ssh -L 8080:localhost:80 ubuntu@server
SCP Quick Reference
- Upload file:
scp -i key.pem file.txt ubuntu@server:~/ - Upload folder:
scp -i key.pem -r folder ubuntu@server:~/ - Download file:
scp -i key.pem ubuntu@server:~/file.txt ./ - Download folder:
scp -i key.pem -r ubuntu@server:~/folder ./
![[Explained] How to Add Custom Domain to AWS "CloudFront" with SSL Enabled](/content/images/size/w300/2024/03/_72e1e43b-2175-4074-9b5e-d9b8dfbd1f46.jpeg)
