Connecting with SSH
ssh, keys, scp — reach a remote server.
SSH (Secure Shell) is how you connect to and run commands on a remote Linux server — an encrypted terminal session over the network. It is the single most important remote-access tool in operations: nearly every server you touch, you reach over SSH. The basic form is ssh user@host, which opens a shell on that machine as that user, and from there you work exactly as if you were sitting at it.
$ ssh deploy@web-01.acme.internaldeploy@web-01:~$ # you now have a shell ON the remote serverdeploy@web-01:~$ hostnameweb-01deploy@web-01:~$ exit # or Ctrl-D to disconnect and return to your machine$ # back on your local machine
Keys, not passwords
You can authenticate with a password, but the standard is a key pair: you generate a private key (kept secret, on your machine) and a public key (installed on the server). The server challenges your key, and you are in — no password to type or brute-force. Generate a modern key with ssh-keygen, then ssh-copy-id installs your public key on the server. After that, ssh logs you in with the key automatically.
$ ssh-keygen -t ed25519 # generate a key pair (add a passphrase when asked)Your identification has been saved in /home/deploy/.ssh/id_ed25519Your public key has been saved in /home/deploy/.ssh/id_ed25519.pub$ ssh-copy-id deploy@web-01 # install your PUBLIC key on the server$ ssh deploy@web-01 # now logs in with the key — no password promptdeploy@web-01:~$
scp and the SSH config
SSH also moves files: scp (from the command reference) copies over the same secure channel. And typing full host names gets old, so ~/.ssh/config lets you define shortcuts — a friendly name, the real host, the user, the key — so ssh web01 just works. This is where you also set up jump hosts and per-server options; for a beginner, the alias alone saves a lot of typing.
Host web01HostName web-01.acme.internalUser deployIdentityFile ~/.ssh/id_ed25519# now simply: ssh web01 (and: scp file.txt web01:/opt/app/)