If you’ve been using Linux for any amount of time, you undoubtedly have heard about a tool known as SSH. SSH (or secure shell) is an encrypted networking tool designed to allow users to log in securely to various different types of computers remotely over a network. In this article, we show you how to set up and use SSH in Linux.
Installing SSH
To get started, we have to install the SSH server. You can find and install the openssh-server
package in Software Center or your package manager. Alternatively, if you’re on a server (or just prefer to use the terminal), open a terminal and type the following command:
# Ubuntu/Debian sudo apt install openssh-server # Fedora/CentOS/REHL sudo dnf install openssh-server

Enable SSH in Linux
Once the OpenSSH server has been installed on your machine, you’ll need to start and enable the systemd unit. To do that, you can simply type the following command into the terminal:
sudo systemctl enable --now ssh

Connecting via SSH Over Your LAN
Connecting to your remote system via SSH is very simple. First, identify the IP address of the server. To do that, type the following command into the terminal and press enter:
ip a s

Once you’ve determined the IP address of the machine, you’ll be able to log in. Go back to the machine you’re trying to log in with and enter this command:
ssh USERNAME@IPADDRESS

Note: change “username” to the user name of the user you’re trying to become on the remote system.
From there you’ll be prompted to enter the password of the same user, and you’ll be in business. You may get some kind of scary warning about the remote system being an untrusted user, but as long as you know it’s your own system, just type yes
.
Now you’re logged in! You’ll notice your prompt in the terminal change – this is a sign of success.

Generating Your Keys
Generating SSH keys and configuring key login is a little bit more advanced than just logging in with a password, but it’s certainly doable and makes logging in much more secure. The key that’s on your device is what authenticates you, so you can disable password authentication on the remote system and just log in with keys.
To do this, you’ll need to create a new key pair on your client system, copy the public key to the remote system, and make sure the key on the remote system is trusted. Overall, it’s a very simple process.
On the system you’re using to log in to the remote system, run the following command:
ssh-keygen -t rsa -f ~/.ssh/id_rsa

You’ll be prompted to create a passphrase. I highly recommend making one that’s secure and that you’ll also remember. This is how you’ll be logging in to a computer, so make it as secure as you can. That’ll be saved in a folder that the SSH program knows to look in.
Now, still on your main system, use the ssh-copy-id
command to transfer your public key to the remote system.
ssh-copy-id -n -i ~/.ssh/id_rsa USERNAME@IPADDRESS
Change the username and the IP address to the ones you used previously. This will show you the keys that would have been transferred if you actually executed the command. If it looks like the key you want, remove the -n
flag, and the command will run.
Now you can log into the remote system without entering a password.

Now that you have set up and used SSH, the next thing you should do is secure the SSH configuration. Alternatively, if you are using Windows, learn how you can generate an SSH key pair in Windows.
Related:
Thank you for this; I am not that technical and am worried that I may mess up the SSH key generation/copying process etc. and then log myself out of ‘my’ server.
For arguments’ sake, if I were to use a very long/complex random password (length say 50 random letters/numbers, which will have entropy of >>200 bits) for login would that not be similarly secure?
I probably don’t understand the process but suppose I have several (say 3) remote servers. Now if I use passwords i can use 3 different passwords, one per server; but if I were to generate SSH keys, would there be the same SSH key for the 3 remote servers? sorry for stupid question.
I think I might have tried to set up SSH keys before and couldn’t log into a previous server; how do i purge the ‘existing’ SSH keys on my PC?