Once you've loaded a terminal emulator, you'll now have access to the
ssh series of commands. The ones that interest us are:
On Windows, these commands are technically
ssh-keygen.exe, and so on. You're OK to omit the
.exe from these commands as they're in the
$PATH variable for your user and the whole system. We covered environment variables in a previous section.
Let's explore each option.
This is the main command you'll use to connect to remote systems (or local Virtual Machines) via the SSH protocol. It's syntax is simple:
1 2 3 4 5 6 7
1 2 3 4 5
Even though the presentation of how
ssh works on Windows is different to that on macOS, your usage is likely to be so simple (even later on in your career) that the differences aren't really of concern.
Here are two of the common commands you're going to use:
ssh <user>@<host> -p <port>
ssh <user>@<host> -p <port> -i <ssh-key-file>
<user> field is going to be the username you'll use to connect to the remote system. In the case of a Ubuntu Server, that's very likely going to be
ubuntu, but not always. In AWS, I've seen
ec2-user used on RedHat Enterprise Linux and
admin in Debian. In our case it's
<host> can be a DNS hostname like
ssh.my-server.com or an IP address, both IPv4 and IPv6 are supported.
Sometimes the default port isn't
22. In the case of VM, we've had to forward port
2222 on our host machine to
22 on the guest OS (Ubuntu). This means you'll be connecting via
2222 and not
We'll cover the use of
-i below, when we get to authenticating via SSH keypairs. In short, it simply tells the SSH client to reference a particular SSH key identity when trying to authenticate with an SSH keypair.
This command lets us generate SSH keypairs for use in SSH keypair authentication. Here's the command syntax:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20
To keep this simple for the time being, I suggest you simply run
ssh-keygen and follow the prompts. We'll do this below when we discuss SSH keypair authentication.
The SSH agent is a process/service that you run on your local system. It keeps track of SSH keypair passwords, so that you can provide the password once and then use the key repeatedly without having to retype it. This is useful if you're running a lot of commands and need to use your key over and over again. After some inactivty, the key's password can be expired from the cache, forcing you to supply it again.
Because of the complexity with setting up the SSH Agent on Windows, macOS and Linux, we will not cover running this system. The reader and explore this item themselves, and probably should, as it's an interesting exercise and you will learn a lot.
ssh-add command will "add" a password protected SSH key to your SSH Agent, after you provide the password. From that point onwards, the SSH Agent will then respond to SSH authentication requests, after you've connected to a server, with your SSH keys (without you having to provide the password.)
Copying files to a remote system can be done in so many different ways. One way is to use the "secure copy" command, or
scp, to transfer the file over an SSH connection. This is quite a common practice. Here is the command syntax:
1 2 3
The simple way of doing this is:
scp <user>@<host>:remote_file local_file. This will transfer/copy the remote files to the local system. You can reverse this with by doing
scp local_file <user>@<host>:remote_file, which will copy
local_file to the remote system can call it