Getting Started with Linux Fundamentals
Linux operating systems are a popular choice in cloud environments and other network environments. The access to cloud computers is often limited to certain protocols and practices to keep the computers safe. Linux users use various tools and services to perform day-to-day tasks such as accessing a remote computer or transferring a file.
On the GNOME desktop, you access files on another computer on your network by using the GNOME Files application. You must have a user account on the destination computer, and remote login must be enabled. The destination computer can be referred to as a server in this context, and the computer you are using is the client.
To access a remote computer by using GNOME Files, you must enable remote login on the destination computer. In this context, the destination computer is considered a server because it provides access functionality to the client machine.
On the GNOME desktop, you enable the remote login functionality in GNOME Settings. Launch Settings on the remote server and click in the left column. In the right panel, set to .
To log in to a remote computer, you must know its IP address. Alternatively, if the network environment has a DNS server, then you can log in to a remote computer by using its hostname. A DNS server keeps track of the computers in the network and translates IP addresses to hostnames, and vice versa.
To log in to a remote computer from the GNOME desktop, launch the Files application on the client machine.
In the left panel, select .
In the field, type ssh:// followed by your username on the remote computer, the at sign (@), and then the IP address or hostname of the server that you want to log in to.
Click to log in.
When you are prompted for your password, enter the password for your user account on the server.
If there are files on the remote computer, then you see them in the Files window. You can use the files on the remote computer the same way that you use local files on your client machine.
In some environments, system administrators configure the computers so that when you log in to a remote computer, all your files and directories are available in your home directory. If a remote computer does not have this configuration, then you can manually share files and directories.
In the GNOME desktop, you can copy or move files or directories between computers. After you log in to the remote computer by using the Files application, you can transfer items to or from the remote computer.
In the following example as the student user, you copy the ~/Documents/Report.doc file from the local computer to the ~/Repository directory on the remote servera computer.
In the Files application on the local computer, navigate to the Documents directory.
Right-click the Report.doc file, and select .
In the dialog, click the remote connection. Double-click the directory and click .
To transfer a file from the remote computer, select the file on the remote computer and select the local directory as the destination.
Linux uses the Secure Shell Protocol (SSH) as a back end to access remote computers and send commands or files.
SSH encrypts the communication between computers, and is widely used to access data centers and cloud servers.
In Linux, the SSH protocol is managed by the SSH daemon, also known as the sshd system service.
A daemon is the Linux term for a service that runs in the background.
On the command line, you can use SSH to connect to remote machines by using the ssh command.
The ssh command uses a client to connect to the SSH service that is running in the remote computer.
The SSH service and the ssh command are installed by default in most Linux systems.
On the command line, you enable the SSH remote login by using the systemctl command.
The systemctl command controls system services, such as the SSH service.
Use the systemctl command with the enable subcommand to enable a service, along with the --now option to make the change immediate, followed by the name of the service that you want to start.
[user@host ~]$ sudo systemctl enable --now sshdVerify that a service is active by using the systemctl is-active command followed by the name of the service.
You can use the systemctl is-active command without a sudo privilege because this command does not modify the service.
[user@host ~]$systemctl is-active sshdactive [user@host ~]$systemctl is-active lvm2inactive
Verify that a service is active and obtain other information by using the systemctl status command followed by the name of the service.
[user@host ~]$ systemctl status sshd
● sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor pres>
Active: active (running) since Fri 2023-11-03 15:34:30 NZDT; 1h 43min ago
[...]The ssh command requires the remote username and the IP address or hostname of the remote server as arguments.
These two arguments are joined by the at sign (@) to form a single string.
In the following example, you log in by using the computer's hostname.
You log in to the servera machine as the remote user and use RedHat123! as the password.
[user@host ~]$ssh remote@serverastudent@servera's password:RedHat123!
When you are prompted for your password, enter the password for your user account on the server.
For privacy, you do not see your password as you type it.
After you have logged in, the command prompt in your terminal is updated to reflect the shell's new location.
In this example, instead of the hostname of host, the command prompt displays servera as the hostname and remote as the user.
[remote@servera ~]$
The permissions and privileges on the remote computer might be different from your local computer. For example, you might have permissions to change a directory's ownership on the local computer, but not on the remote computer. You can use commands to identify the user account permissions and the configuration of the remote computer.
The scp command copies a file from one computer to another over an encrypted network connection.
The scp command requires two arguments, in the following order: the files to be moved and the target location.
To copy a local file to a remote server, provide the path to the file that you want to copy, and the destination server and directory.
Similar to the ssh command, the scp command requires a password to authenticate the user.
[user@host ~]$ scp ~/Documents/example.txt user@servera:~/DocumentsYou can also copy a file from a remote system to your local computer.
[user@host ~]$ scp user@servera:~/Documents/example.txt ~/DocumentsYou can also copy a file from a remote host to another remote host.
[user@host ~]$ scp user@servera:~/Documents/example.txt user@serverb:~/DocumentsIf you log in to servers often, then entering passwords into every system that you access can become time consuming. To avoid entering passwords into trusted systems, you can use an SSH key pair.
An SSH key pair consists of a private key file and a public key file. You send the public key to the servers that you expect to log in to often. When you contact a server to log in, your private key is used in combination with the public key on the server to confirm your identity. The public key is like a padlock that is duplicated across many different doors. Even though the lock is freely distributed to the public, it is useless to anyone without your private key.
On the command line, generate an SSH key pair by using the ssh-keygen command with the -t ed25519 option to choose the ed25519 encryption algorithm, and then follow the prompts, accepting all defaults.
You can generate a key pair only one time, because you can use the same key pair to log in to multiple servers.
Optionally, you can set a passphrase when creating an SSH key pair to add an additional security layer. A passphrase is a password that you configure to a key pair; you must input the passphrase every time that you use the key pair. By default, SSH key pairs do not use a passphrase.
[user@host ~]$ssh-keygen -t ed25519$ ssh-keygen -t ed25519 Generating public/private ed25519 key pair. Enter file in which to save the key (/home/user/.ssh/id_ed25519):EnterCreated directory '/home/user/.ssh'. Enter passphrase (empty for no passphrase):EnterEnter same passphrase again:EnterYour identification has been saved in /home/user/.ssh/id_ed25519 Your public key has been saved in /home/user/.ssh/id_ed25519.pub The key fingerprint is: SHA256:y+Ue2FpKtHlTIes+5RC/VFBHohey+5iAGWRQ9J6bpJw user@host The key's randomart image is: +--[ED25519 256]--+ | .+= ..+.o| | o . .+ + | | . o +.. | | =.+ +. | | S Boo. | | + &.=++ | | E @=o.. | | . B.oo | | o o. | +----[SHA256]-----+
Verify that the id_ed25519 key pair exists by using the ls key to view the contents of the ~/.ssh hidden directory.
The id_ed25519 file is the private key, and the id_ed25519.pub file is the public key.
[user@host ~]$ ls ~/.ssh
id_ed25519 id_ed25519.pubThe ssh-copy-id command copies your SSH public key to a remote computer.
Use the ssh-copy-id command followed by your username on the remote computer, the at sign (@), and then the IP address of the server that you want to copy your key to.
In the following example, you copy the SSH public key of the mhoward user on the local computer to the developer030 user on the servera machine.
[mhoward@host ~]$ssh-copy-id developer030@servera/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys developer030@172.25.250.10's password:RedHat123!Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'developer030@172.25.250.10'" and check to make sure that only the key(s) you wanted were added.
The next time that you log in to the remote host, whether you use the GNOME desktop or the command line, you are not prompted for a password.
Warning
Never share your private key with anyone.
The only SSH key file that you can safely share is your public key, which is the key file ending with the .pub extension.
References
scp(1), ssh(1), ssh-copy-id(1), ssh-keygen(1), and systemctl(1) man pages
For more information about SSH and remote access, refer to How to Access Remote Systems Using SSH at https://learn.spidernet.pl/sysadmin/access-remote-systems-ssh
For additional information about using SSH, refer to 4 SSH Tricks That Every Sysadmin Should Know at https://learn.spidernet.pl/sysadmin/ways-use-ssh