To connect to an OpenSSH server from a client machine, you must have the
openssh packages installed on the client machine.
20.6.1. Using the
ssh command is a secure replacement for the
telnet commands. It allows you to log in to a remote machine as well as execute commands on a remote machine.
Logging in to a remote machine with
ssh is similar to using
telnet. To log in to a remote machine named penguin.example.net, type the following command at a shell prompt:
The first time you
ssh to a remote machine, you will see a message similar to the following:
The authenticity of host 'penguin.example.net' can't be established.
DSA key fingerprint is 94:68:3a:3a:bc:f3:9a:9b:01:5d:b3:07:38:e2:11:0c.
Are you sure you want to continue connecting (yes/no)?
yes to continue. This will add the server to your list of known hosts (
~/.ssh/known_hosts) as seen in the following message:
Warning: Permanently added 'penguin.example.net' (RSA) to the list of known hosts.
Next, you will see a prompt asking for your password for the remote machine. After entering your password, you will be at a shell prompt for the remote machine. If you do not specify a username the username that you are logged in as on the local client machine is passed to the remote machine. If you want to specify a different username, use the following command:
You can also use the syntax
ssh -l username penguin.example.net.
ssh command can be used to execute a command on the remote machine without logging in to a shell prompt. The syntax is
ssh hostname command. For example, if you want to execute the command
ls /usr/share/doc on the remote machine penguin.example.net, type the following command at a shell prompt:
ssh penguin.example.net ls /usr/share/doc
After you enter the correct password, the contents of the remote directory
/usr/share/doc will be displayed, and you will return to your local shell prompt.
20.6.2. Using the
scp command can be used to transfer files between machines over a secure, encrypted connection. It is similar to
The general syntax to transfer a local file to a remote system is as follows:
scp <localfile> username@tohostname:<remotefile>
The <localfile> specifies the source including path to the file, such as
/var/log/maillog. The <remotefile> specifies the destination, which can be a new filename such as
/tmp/hostname-maillog. For the remote system, if you do not have a preceding
/, the path will be relative to the home directory of username, typically
To transfer the local file
shadowman to the home directory of your account on penguin.example.net, type the following at a shell prompt (replace username with your username):
scp shadowman email@example.com:shadowman
This will transfer the local file
/home/username/shadowman on penguin.example.net. Alternately, you can leave off the final
shadowman in the
The general syntax to transfer a remote file to the local system is as follows:
scp username@tohostname:<remotefile> <newlocalfile>
The <remotefile> specifies the source including path, and <newlocalfile> specifies the destination including path.
Multiple files can be specified as the source files. For example, to transfer the contents of the directory
downloads/ to an existing directory called
uploads/ on the remote machine penguin.example.net, type the following at a shell prompt:
scp downloads/* firstname.lastname@example.org:uploads/
20.6.3. Using the
sftp utility can be used to open a secure, interactive FTP session. It is similar to
ftp except that it uses a secure, encrypted connection. The general syntax is
sftp email@example.com. Once authenticated, you can use a set of commands similar to those used by FTP. Refer to the
sftp man page for a list of these commands. To read the man page, execute the command
man sftp at a shell prompt. The
sftp utility is only available in OpenSSH version 2.5.0p1 and higher.