Secure Shell: SSH
SSH is a program that lets you establish a secure connection to a remote computer. Typically, SSH connections are used to administer remote devices. For example, you might SSH into a router or a web server to make configuration changes. SSH connections are encrypted.
Learning Objectives
You should be able to:
- Describe why SSH would be useful
- Establish an SSH connection
Video Walkthrough
Use this video to follow along with the steps in this lab.
History of SSH
Before SSH, a tool called telnet existed for people to connect to remote computers. But telnet had one big problem--connections were not encrypted. So if an administrator entered a username and password while connected to telnet, anybody who could capture those network packets could read the username and password in cleartext. SSH was invented to solve this problem. SSH connections are encrypted. People could still theoretically intercept your network packets, but those packets will be useless without the encryption key that only the SSH client and server share.
Lab Setup
Instead of using EC2 Instance Connect to establish an SSH session to your Linux virtual machine, you will use SSH from your Windows Server. This setup simulates what a network administrator might do to connect to virtual machines, routers, switches, or other devices for administrative purposes.
- Ensure that your Windows Server and Ubuntu Server virtual machines are running.
- Log into your Windows Server virtual machine via the Remote Desktop Protocol (RDP).
- Return to your host operating system.
- Find the labsuser.pem private key file you downloaded when first accessing the Learner Lab.
- On your computer, right-click on the labsuser.pem file and choose Copy.
- Return to your RDP connection. Right-click on the desktop and choose Paste.
- The file should appear on your desktop. Copying and pasting is the easiest way to transfer files when using RDP. Drag-and-drop will not work to copy files to your remote desktop connection.
Check the Ubuntu Server IP Address
- In the AWS console, open the EC2 service.
- Click Instances in the left navigation.
- Find your Ubuntu Server instance in the list. If you do not see it, click the refresh button next to the Connect button.
- Check the box next to your Ubuntu Server instance. (If you have more than one instance, be sure that only this instance is checked.)
- In the lower panel, choose the Network tab. The Private IP address should be listed here.

Using SSH
- Return to the Remote Desktop connection to your Windows Server.
- Launch PowerShell from the start menu.

Important
Be sure to launch Windows PowerShell and not Windows PowerShell (x86) or anything that says ISE in the application name. If you launch the x86 version, you will not be able to use SSH.
- Run the following command to change your working directory to the Desktop folder.
PS C:\Users\Administrator> cd C:\Users\Administrator\Desktop
- Check your IP address using ipconfig.
PS C:\Users\Administrator\Desktop> ipconfig

- Note that the IP address shown is the private IP address you set manually when creating the EC2 instance.
- Run the following command to create an SSH connection to your Linux virtual machine, but be sure to substitute your Linux server's IP address. The sample command below uses 172.31.16.60 as a placeholder, but it is unlikely that Amazon randomly assigned this IP address to your Linux computer. This command tells SSH to use the private key file and the ubuntu username to connect to the computer with the specified IP address. Note that "-l" is the lowercase letter "l" and not the number "1".
ssh -i labsuser.pem -l ubuntu 172.31.16.60
Important
For this command to work, the file labsuser.pem must be on your desktop, not inside a folder on your desktop or in any other location. Be sure to type the name of the labsuser.pem file correctly (it's easy to miss the "s").
- The first time you connect, you will be asked if you accept the key fingerprint. Enter yes and press enter. You will only see this message the first time you connect to a new computer. The fingerprint identifies the server's key, which is used to help establish the encrypted connection.
The authenticity of host '172.31.16.60 (172.31.16.60)' can't be established.
ECDSA key fingerprint is SHA256:kNX3e1/HDalHmS+5uR2PpU12eXGyqWPsndwDFFl2Nm4.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '172.31.16.60' (ECDSA) to the list of known hosts.
- You should see an SSH connection established after accepting the key fingerprint.

- Now, any command that you run in the command-line interface will run on the Linux virtual machine. Run the following commands.
ubuntu@ip-172-31-16-60:~$ whoami
ubuntu
ubuntu@ip-172-31-16-60:~$ pwd
/home/ubuntu
- Run the following commands to install a simple program.
ubuntu@ip-172-31-16-60:~$ sudo apt update
ubuntu@ip-172-31-16-60:~$ sudo apt install rolldice
- Run the program. Press enter to roll the dice. Press control+c to exit.
ubuntu@ip-172-31-16-60:~$ rolldice
4
6
3
6
^C
- Run exit to close your SSH connection. You will return to your normal PowerShell prompt.
ubuntu@ip-172-31-16-60:~$ exit
logout
Connection to 172.31.16.60 closed.
PS C:\Users\Administrator\Desktop>
SSH in Context
In this exercise, you created an SSH connection between two virtual machines. An organization might have thousands of virtual machines. SSH can be used to connect securely to many virtual machines to make configuration changes, collect data, edit files, and more.
Important
If you are ever at a game night and somebody loses the dice, you now have the perfect method for rolling dice.
Reflection
- What are the potential benefits of using a command-line interface (CLI) instead of a graphical user interface (GUI) when establishing remote connections?
Key Terms
- Telnet: A network protocol used to provide bidirectional interactive text-based communication between two computers over a network. It operates on port 23 and is considered insecure because it transmits data, including passwords, in plaintext without encryption.
- SSH (Secure Shell): A cryptographic network protocol used for secure communication over an unsecured network. It provides encrypted and authenticated remote login and other secure network services. SSH operates on port 22 and is commonly used for secure access to remote servers and devices.
- Key Fingerprint: A short sequence of bytes used to uniquely identify a cryptographic key. In the context of SSH, a key fingerprint is a hash of a public key, used to verify the authenticity of the key during the SSH handshake process. It helps ensure that the server or client is communicating with the intended party.
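As an added example (not part of the original lab), this Python code shows how the SHA256 fingerprint in the first-connection prompt is derived from a server's public key, and how to compare it with a fingerprint obtained over a trusted channel. The sample key line is constructed filler rather than a real key, and the function names are illustrative.

```python
import base64
import hashlib
import struct


def _ssh_string(data: bytes) -> bytes:
    """Encode one SSH wire-format string: 4-byte big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data


# Constructed sample, not a real key: the 65-byte "point" is filler. Only the
# wire layout (key type, curve name, point) matters for the fingerprint.
SAMPLE_BLOB = (_ssh_string(b"ecdsa-sha2-nistp256") + _ssh_string(b"nistp256")
               + _ssh_string(b"\x04" + bytes(range(64))))
SAMPLE_LINE = "172.31.16.60 ecdsa-sha2-nistp256 " + base64.b64encode(SAMPLE_BLOB).decode()


def parse_host_key(line: str):
    """Return (key_type, blob) from a known_hosts line or a .pub file line."""
    fields = line.split()
    # The blob embeds its own key type, so the key is the first base64 field
    # whose embedded type equals the field before it.
    for i in range(1, len(fields)):
        try:
            blob = base64.b64decode(fields[i], validate=True)
        except ValueError:  # host patterns, key types and comments are not base64
            continue
        if len(blob) >= 4:
            (n,) = struct.unpack(">I", blob[:4])
            if blob[4:4 + n] == fields[i - 1].encode():
                return fields[i - 1], blob
    raise ValueError("no key blob whose embedded type matches its declared type")


def fingerprint(line: str) -> str:
    """Fingerprint as ssh prints it: 'SHA256:' + unpadded base64 of SHA-256(blob)."""
    _, blob = parse_host_key(line)
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def matches(line: str, expected: str) -> bool:
    """True only if the key hashes to a fingerprint obtained over a trusted channel."""
    return fingerprint(line) == expected.strip()


if __name__ == "__main__":
    print(fingerprint(SAMPLE_LINE))
```

The expected value should come from a channel other than the SSH connection being checked, such as running ssh-keygen -lf on the server's host public key file in an EC2 Instance Connect session.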