SSH (Secure SHell) is a protocol for securely running commands on a remote computer. Use this tag for questions about configuring, using and trouble-shooting SSH client and server software.
SSH is a protocol for securely running commands on a remote computer. It works by creating an encrypted connection between a client and a server listening on port 22 (by default). It was designed in the mid 1990s as a secure replacement for protocols such as Telnet and FTP which exchange data (including authentication tokens) in plain text.
Implementations
- Dropbear is a lightweight implementation of SSH targeted at embedded devices.
- OpenSSH, developed by the OpenBSD project, is by far the most common implementation of SSH, both server-side and client-side, in the unix world. If someone mentions SSH in a unix context, assume OpenSSH unless told otherwise.
- PuTTY is an SSH client mostly found on Windows.
Related programs
- AutoSSH: Automatically restart SSH sessions and tunnels
- Corkscrew: tunnel through HTTP proxies
- SSHFS: mount remote filesystems over SSH
Troubleshooting
If public key authentication doesn’t work: make sure that on the server side, your home directory (~), the ~/.ssh directory, and the ~/.ssh/authorized_keys file, are all writable only by their owner. In particular, none of them must be writable by the group (even if the user is alone in the group). chmod 755 or chmod 700 is OK, chmod 770 is not.
What to check when something is wrong:
- The most useful source of information for diagnosing problems with SSH connections is the messages logged by the SSH server. These are typically logged to
/var/log/secure,/var/log/auth.log,/var/log/daemon.logor similar, depending on the OS/distribution. Relevant log messages should be included in in the question. - If you can’t access the server to check the logs, the next best option is to run
ssh -vvvto see a lot of debugging output from the client’s perspective. If you post a question asking why you can't connect with SSH, include this output (you may want to anonymize host and user names). - If public key authentication isn't working, check the permissions again, especially the group bit (see above).
Further reading
- How to make password-less login work
- Keep SSH Sessions running after disconnection.
- SSH easily copy file to local system.
- Quoting in ssh $host $FOO and ssh $host “sudo su user -c $FOO” type constructs
- What steps does the system go through when handling an SSH connection?
- How can I pause up a running process over ssh, disown it, associate it to a new screen shell and unpause it?
- Kill an unresponsive ssh session without closing the terminal
