Chapter 17. Remote Access


Remote access is one of Linux’s great features, and there are many ways to do it. For access over untrusted networks, don’t use those old reliable standbys, telnet or X, because logins and data are sent in the clear. Your best bet is OpenSSH (Secure Shell), a suite containing a number of secure remote transfer programs: scp (secure copy), ssh (Secure Shell), and sftp (SSH file transfer protocol). ssh is the tool of choice for remote system administration; with ssh, you can log into remote systems and run them as though you were physically there. Logins and data are encrypted, and ssh will detect if any packets have been altered en route. Eavesdroppers can sniff and muck with all the packets they want—they won’t get anywhere.

SSH isn’t really a shell; it’s a protocol. There are two incompatible versions of this protocol: SSH-1 and SSH-2. OpenSSH supports both. This chapter covers SSH-2, because you should be using a current version of OpenSSH.


SSH nomenclature can get a bit confusing. SSH, capitalized, is the protocol. ssh, scp, and so forth, in lowercase, are programs that use SSH. OpenSSH is the implementation of SSH used in this chapter.

Using SSH is not very complicated. If you’re used to rsh, rlogin, or rcp, the command syntax is pretty much the same. You’ll need sshd , the OpenSSH daemon, running on all machines to which you want to enable remote access, and you’ll need shell accounts on the remote machines. You can log in as ...

Get Linux Cookbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.