Unlike Telnet, Secure Shell (SSH) encrypts the connection between the remotely connected hosts and doesnt trransfer your password in plain text. As such SSH is more secure and must be used for remote connections. In this post I will install, configure and connect 2 computers running Ubuntu and CentOS. The connection will be tested with a password-based authentication followed by using public and private key pairs to establish trust between the hosts.

To start this trial, install OpenSSH server and client to Ubuntu using:
P.S. make sure you login as root when required.

apt-get install openssh-client
apt-get install openssh-server

To install them in CentOS use yum instead of apt-get:

yum install openssh-client
yum install openssh-server

After installation, lets refresh the service. In Ubuntu this is done using:

/etc/init.d/ssh restart

or

service ssh restart

While in CentOS the service is called sshd, so we use:

After installation, lets refresh the service. In Ubuntu this is done using:

/etc/init.d/sshd restart

or

service sshd restart

This should enable you now to connect to each system from the other one remotely. For instance, if the IP of CentOS system is 192.168.1.5 we may access it from Ubuntu using:

ssh 192.168.1.5

or if you want to login with a specific username such as ‘haider’, use:

ssh haider@192.168.1.5

For security reasons, you might wish to change the listening port number of the SSH service (the server, in our case is CentOS). This and other configurations are made inside the /etc/ssh/sshd_config file. However, before doing any changes it is a good practise to take a backup:

cp /etc/ssh/sshd_config /etc/ssh/sshd_config.original

Now edit the file using your favourite editor (vi, nano etc) and change the port from 22 to 2222 (or any other unused port). Once done restart the service again (the relevant command was mentioned above) to activate the new settings and use the following command to check the status of your new port:

netstat -punat | egrep "2222"

To use the public key authentication, I used the following command to generate a private and a public key with RSA encryption in my Ubuntu

ssh-keygen

The Terminal will prompt you for a name for your keys, just press enter and the name will be id_rsa by default. These, once generated, are automatically stored in the directory you are in. As such I advice you to run it from the /root/.ssh directory to save it there. Running the command will produce two files: id_rsa (this is the private key and should remain safe in your machine) & id_rsa.pub (which is the public key).

To allow ssh access using these keys the content of the public key must be copied to the ~/.ssh/authorized_keys file on the server’s machine (CentOS). Since our ssh worked with password authentication, lets use scp (secure copy) to achieve this:

scp /etc/ssh/id_rsa.pub 192.168.1.5:~/.ssh/

Now, on CentOS copy the content of the public key into the authorized_keys file (you may create this file if it doesn’t exist).

cat id_rsa.pub >> authorized_keys

Then, lets allow public key authentication inside CentOS ssh configuration file. Simply make sure the following lines are not commented-out:

PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys

Restart ssh service again on the server (CentOS).

Thats all! I can now connect to my CentOS system from Ubuntu without being prompt for a password. In fact I may disable password-based authentication.