Linux

Learn SSH: Config File

In this article series, I will explain how to use a command-line terminal to connect to secure shell (SSH) servers, using the config file for quick access to frequently used servers, and setting up an SSH server on macOS, Ubuntu, or CentOS.

Table of Contents:

– Introduction
– SSH CLI Commands
SSH Config File

SSH config file makes it easier to connect to frequently used servers. Here, I start with a simple server setup and then explain how to setup proxy jumps.

SSH config file is located in home directory under “.ssh” folder:

~/.ssh/config

For each server, add a block of text starting with “Host” followed by a memorable name for that server.

Host favorite_ssh

Add information like the address of the host on the following line with indentation:

Host favorite_ssh
        HostName ip_or_address_of_server
        User username_at_the_server

Now save the file. To connect to the sever, in a terminal window simply type ssh followed by the name you chose in the config file:

$ ssh favorite_ssh

This is equivalent of typing the following command:

$ ssh username_at_the_server@ip_or_address_of_server

You can add the identity file location to the config file as well:

Host favorite_ssh
        HostName ip_or_address_of_server
        User username_at_the_server
        IdentityFile ~/.ssh/my_private_key

which is equivalent of the following command:.

$ ssh username_at_the_server@ip_or_address_of_server -i ~/.ssh/my_private_key

You can add multiple servers to the config file:

Host favorite_ssh
        HostName ip_or_address_of_server
        User username_at_the_server
        IdentityFile ~/.ssh/my_private_key

Host favorite_ssh_2
        HostName ip_or_address_of_server_2 
        User username_at_the_server_2
        IdentityFile ~/.ssh/my_private_key_3

Host favorite_ssh_3
        HostName ip_or_address_of_server_3 
        User username_at_the_server_3
        IdentityFile ~/.ssh/my_private_key_3

You can add a proxy or jump server to the config file as well and use it to connect to your “favorite_ssh”:

Host proxy_1
        HostName ip_or_address_of_proxy_server
        User username_at_proxy_server
        IdentityFile ~/.ssh/proxy_server_private_key

Host favorite_ssh
        HostName ip_or_address_of_server
        User username_at_the_server
        IdentityFile ~/.ssh/my_private_key
        ProxyJump proxy_1

You can also use wildcards to use a same setting for a range of IP addresses (10.0.* and 10.1.0.*) :

Host proxy_1
        HostName ip_or_address_of_proxy_server
        User username_at_proxy_server
        IdentityFile ~/.ssh/proxy_server_private_key

Host 10.0.*
        User username_at_these_servers
        IdentityFile ~/.ssh/my_private_key_for_all_the_servers
        ProxyJump proxy_1


Host 10.1.0.*
        ProxyJump proxy_1

Now to connect to a server with IP address of 10.0.0.1, you can use the following command:

$ ssh 10.0.0.1

Or to connect to 10.1.0.2 with a username “my_user”, you can run:

$ ssh my_user@10.1.0.2

Let me know your questions and comments in the comment section.

Learn SSH: CLI Commands

In this article series, I will explain how to use a command-line terminal to connect to secure shell (SSH) servers, using the config file for quick access to frequently used servers, and setting up an SSH server on macOS, Ubuntu, or CentOS.

Table of Contents:

Introduction
SSH CLI Commands
SSH Config File

Establish SSH Connection

To SSH to a remote server with a username and password, type the following command in a terminal:

ssh username@server_address

You will be prompted for a password.

To SSH to a remote server with a private key, type the following command in a terminal:

ssh username@server_address -i ~/path/to/private/key

Replace ~/path/to/private/key with the actual path to your private key.

To connect to a remote server on a specific port, use the -p flag:

ssh username@server_address -p port_number

or

ssh username@server_address -i ~/path/to/private/key -p port_number

Replace port_number with the actual port number of the remote server.

Local Forward

To access a remote service, such as a database server on your local machine, you can use local port forwarding:

ssh -L localPort:server_address:remotePort username@server_address

For example, if the service you are trying to access locally is accessible on the remote server on port 5555, you can use the following command to get access to that service on a local port, such as 5657:

ssh -L 5657:server_address:5555 username@server_address

Now you can connect to the service using localhost:5657 or 127.0.0.1:5657.

Remote Forward

To access a local service on the remote server, you can use remote port forwarding:

ssh -R localPort:server_address:remotePort username@server_address
Jumpbox

To access a protected server through another accessible server, use the -j flag. Consider server_a as the jump box and server_b as the protected server, you’re trying to reach:

Local –> server_a –> server_b

ssh -J username_a@server_a username_b@server_b 

If you need to jump through more servers, try the following command:

Local –> server_a –> server_b –> server_c

ssh -J username_a@server_a,username_b@server_b username_c@server_c
Socks Proxy

To access the network and browse the private web pages on a remote server, you can create a SOCKS proxy. Choose a port number for your proxy, such as 8080, and create the link as:

ssh -D 8080 username@server_address

Now, set up a proxy on your local machine/browser to 127.0.0.1:8080 address and port.

Let me know your questions and comments in the comment section.

Next article in the series: SSH Config File

Install Python 3.7 on CentOS with all dependencies

In this post, I will go through installing Python 3.7 and all its dependencies on CentOS. Unlike Ubuntu, Python is not readily accessible using ‘yum’ package manager on CentOS. Therefore, we first need to install a few packages before installing Python.

$ sudo yum groupinstall -y "Development Tools"

$ sudo yum install –y gcc zlib-devel bzip2 bzip2-devel readline-devel sqlite sqlite-devel openssl-devel tk-devel libffi-devel xz-devel gdbm-devel ncurses-devel db4-devel wget

Now that we installed all the dependencies, we need to download the latest Python from its website, https://www.python.org/downloads/:

$ wget https://www.python.org/ftp/python/3.7.4/Python-3.7.4.tgz

Then, we need to extract the files from the archive and configure the installation:

$ tar -xzvf Python-3.7.4.tgz

$ sudo sh Python-3.7.4/configure --enable-optimizations

Finally, we run the following command to install Python:

$ sudo make altinstall

Your Python is now installed in the following folder: /usr/local/bin/

Optionally, you can make a link to access your Python using python3 command:

$ sudo ln -s /usr/local/bin/python3.7 /usr/bin/python3

$ sudo ln -s /usr/local/bin/pip3.7 /usr/bin/pip3

Note, if you cannot access Python by typing “python3”, you may need to add the following line to your .bashrc file:

export PATH=$PATH:/usr/local/bin/

Note: Your .bashrc is located in your home folder.

Now, disconnect and then connect back to your machine.

Please let me know if you had any questions or concerns in the comment section.