Understanding SSH – The Secure Way to Access Remote Servers
🚀 A beginner-friendly guide to what SSH is, why it's important, and how to use it securely with key-based authentication.
🧠 What is SSH?
SSH (Secure Shell) is a secure communication protocol that lets you connect to another computer or server remotely over the internet or network — safely and encrypted.
🔍 Example:
You can log into a remote Linux server from your laptop using SSH to run commands, transfer files, or manage services.
🤔 Why Was SSH Developed?
Before SSH, people used protocols like Telnet or FTP, which sent data in plain text — including passwords!
SSH was developed to:
- Encrypt communication between devices
- Protect sensitive information
- Prevent eavesdropping and hacking
SSH was introduced in 1995 and quickly replaced insecure alternatives.
🔐 How Secure is SSH?
SSH uses:
- Strong encryption algorithms
- Public-private key pairs
- Secure authentication methods
This makes it very secure — used by developers, sysadmins, DevOps, cloud engineers, and even big tech companies to manage infrastructure.
🛠️ Where is SSH Used?
SSH is commonly used to:
- Access and manage remote servers
- Deploy code to servers
- Manage cloud platforms (like AWS, DigitalOcean)
- Create secure tunnels for data transfers
- Use Git with services like GitHub, GitLab, Bitbucket securely
📦 How to Install SSH
SSH comes pre-installed on most Linux/macOS systems.
To check if SSH is installed:
ssh -V
If not installed, run:
sudo apt update
sudo apt install openssh-client
For enabling SSH on a server:
sudo apt install openssh-server
sudo systemctl enable ssh
sudo systemctl start ssh
🔑 SSH Keys – Public and Private Key
SSH supports two methods of login:
- Password-based login (not recommended)
- Key-based login ✅ (recommended)
What are SSH Keys?
SSH keys are like your digital identity for secure login:
- Private Key: Stays on your device (keep it secret 🔒)
- Public Key: Shared with the server
They work together — your private key proves your identity without needing a password.
🧰 How to Generate SSH Keys
Run this on your terminal:
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
It will ask:
- Where to save the key → Default is
~/.ssh/id_rsa - Passphrase (optional but recommended)
Result:
id_rsa→ Your private key (keep safe)id_rsa.pub→ Your public key (share with server)
🧭 What’s Inside These Files?
id_rsa: Your private key, in PEM format (should never be shared!)id_rsa.pub: A string starting withssh-rsa ...— your public key
📂 Where to Place and Use These Keys
On Your Local Machine (Your Laptop):
- Keep both files in
~/.ssh/ - Set proper permissions:
chmod 600 ~/.ssh/id_rsa
chmod 644 ~/.ssh/id_rsa.pub
On the Remote Server:
- Add the public key to:
~/.ssh/authorized_keys
You can copy it using:
ssh-copy-id username@remote_host
💡 Connecting Using SSH Key
Once the keys are in place:
ssh username@remote_host
If a passphrase is set, it will ask once and grant access without needing a password.
🛡️ Bonus Tips for Security
- Use key-based authentication only
- Disable password login on the server (
/etc/ssh/sshd_config) - Use strong passphrase on your private key
- Keep private key backed up securely, but never shared