Cool SSH commands for easy access.
What is SSH?
SSH (Secure Shell) is a protocol used to securely connect to remote servers. It’s commonly used by developers and system administrators to manage servers and transfer files. (see the bash commands here, but it’s in Thai)
Alright let’s get to the point.
1. The normal ssh command to connect to a server uses the syntax:
ssh username@server_address
For example:
# Normal ssh with default port = 22
ssh root@11.22.33.44
# If the server uses a custom port such as 1234 (not the default port 22), specify "-p"
ssh -p 1234 root@11.22.33.44
# Custom port, authenticating with a key instead of a password
ssh -p 1234 -i ~/.ssh/keys/11.22.33.44.pem ubuntu@11.22.33.44
Scenarios
1.1 Connecting with a Password (Not cool 😁)
If the server requires a password, the terminal will prompt you to enter it. Just type your password and hit Enter.
1.2 Using an SSH Key (A bit cool 🤓)
For better security, many servers use SSH keys instead of passwords. To use an SSH key, you can generate one with:
ssh-keygen
Then add your public key (.pub) to the server by running:
# Add the public key to the server; after that you can connect without a password.
ssh-copy-id username@server_ip_address
# Add the public key to a server on a custom port
ssh-copy-id -p <port-number> user@hostname.example.com
# Add the public key to a server using a "Host" name from the config file.
# -f = force, -i = identity file (the public key to copy)
ssh-copy-id -f -i ~/.ssh/id_rsa.pub server-grassroot-prod
2. Use config file (More cool 👍)
- The config file is a file named config, located in ~/.ssh on Mac.
- Then put the config like this.
# ================ 1 steps access ================
Host grassroot-prod
HostName 11.22.33.44
User root
Port 12345
IdentityFile ~/.ssh/keys/11.22.33.44.pem
# ================ 2 steps access ================
# Base server
Host base_server
HostName 115.31.123.456
Port 11111
User ubuntu
IdentityFile ~/.ssh/keys/vm_bastion.pem
# Two step access (ssh to private server inside Base server)
# Normally you would use "ssh -J base_server grassroot-server2"
# "-J" stands for "jump host", but it's a waste of time; we can use the below instead.
# Adding "ProxyJump" like below turns it into 1-step access.
Host grassroot-server2
HostName 192.168.1.23
Port 11111
User ubuntu
IdentityFile ~/.ssh/keys/private_vm_bastion.pem
ProxyJump base_server
3. Create a function to use in the Terminal (Cool Cool 😎)
- In case someday we want the private IP to be dynamic, we can configure it like this:
Host sangfor_dynamic
# Use %h as a stand-in for HostName
HostName %h
Port 12345
User ubuntu
IdentityFile ~/.ssh/sangfor/sangfor_clone_vm.pem
ProxyJump sangfor_vm_bastion
Also add this function to .zshrc or .bashrc.
# Sangfor config (a rather long command, for when you don't use the "config" file)
sangfor() {
  local ip="$1"
  if [ -z "$ip" ]; then
    echo "Usage: sangfor <IP>"
    return 1
  fi
  # ssh needs a destination argument, so "$ip" is passed at the end
  ssh -o HostName="$ip" -o User=ubuntu -o Port=12345 -o IdentityFile=~/.ssh/sangfor/sangfor_clone_vm.pem -o ProxyJump=sangfor_vm_bastion "$ip"
}
# Sangfor config (cleaner, because it works with the "config" file)
sangfor() {
  local ip="$1"
  if [ -z "$ip" ]; then
    echo "Usage: sangfor <IP>"
    return 1
  fi
  # The command-line HostName overrides "HostName %h" in the sangfor_dynamic block
  ssh -o HostName="$ip" sangfor_dynamic
}
Explanation:
- sangfor() { = Function (it can have any name).
- local ip="$1" = Declare the variable ip and set its value to the first argument of the function sangfor().
- if [ -z "$ip" ]; then = Check whether "ip" is empty (-z = check empty).
- return 1 = Exit the function and return 1 to let the user know there was an error.
- ssh -o HostName="$ip" sangfor_dynamic = Call the ssh command to connect to the IP through the alias sangfor_dynamic that we already set in the config file.
- -o HostName="$ip" = Define the dynamic IP in the SSH command.
Finally when we want to use custom IP we can call like this.
atthana@Atthanas-MacBook-Pro.local:~ $ sangfor
Usage: sangfor <IP>
# Only this is needed to access any private IP.
sangfor 192.168.1.65
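A stricter version of the sangfor function, as an added example that is not part of the original post: it rejects anything that is not a private IPv4 address before calling ssh, so a typo such as an octet above 255 fails fast instead of reaching the bastion. The helper names is_ipv4 and is_private_ipv4 are made up for this example, and it assumes the sangfor_dynamic Host block from the config file above.

```shell
# Added example, not from the original post. Assumes the "sangfor_dynamic"
# Host block from the config file above.

# Succeeds only for a dotted-quad IPv4 address with four octets in 0-255.
is_ipv4() {
  local addr="$1" octet count=0
  case "$addr" in
    ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;   # empty, stray characters, empty octet
  esac
  while [ -n "$addr" ]; do
    octet="${addr%%.*}"
    count=$((count + 1))
    case "$octet" in
      0|[1-9]|[1-9][0-9]|[1-9][0-9][0-9]) ;;  # 1-3 digits, no leading zero
      *) return 1 ;;
    esac
    [ "$octet" -le 255 ] || return 1
    case "$addr" in
      *.*) addr="${addr#*.}" ;;   # drop the octet just checked
      *)   addr="" ;;             # last octet consumed
    esac
  done
  [ "$count" -eq 4 ]
}

# Succeeds only for RFC 1918 private addresses (10/8, 172.16/12, 192.168/16).
is_private_ipv4() {
  is_ipv4 "$1" || return 1
  local second="${1#*.}"
  second="${second%%.*}"
  case "$1" in
    10.*|192.168.*) return 0 ;;
    172.*) [ "$second" -ge 16 ] && [ "$second" -le 31 ] ;;
    *) return 1 ;;
  esac
}

sangfor() {
  local ip="$1"
  if ! is_private_ipv4 "$ip"; then
    echo "Usage: sangfor <private IPv4 address>" >&2
    return 1
  fi
  ssh -o HostName="$ip" sangfor_dynamic
}
```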
Refs:
https://linuxhandbook.com/add-ssh-public-key-to-server/