Tuesday, 2 July 2013

Centos 6/RHEL install and use OpenSSH (download file from remote machine)

OpenSSH is the protocol for connecting remote machines over a network. It has largely replaced telnet and others as being more secure and is now the ipso facto method for this type of connection on Linux machines.

This is a quick guide to using two RHEL based machines set up with static IPs and port 22 forwarded to them, as a client and server/remote.  You will also need to put some files in the remote machine home folder to download when it is set up.

It is just a basic guide to getting started and does not cover the many advanced aspects of SSH, but you will be able to use your remote machine via SSH to download/store/explore files and folders on it.

Set up a static IP and forward port 22 from the router, you will also need to do this on the remote machine, giving it a different static IP if using the internal ones available in the router.

Check if you have forwarded them correctly.

For this excercise I set up static IPs on two machines and forwarded port 22 for both in the router settings, I am just going to download 2 png files from the remote machine.

The remote (server) machine is anton2@Dell IPADDR 192.168.0.101

The local (client) machine is anton@Centos IPADDR 192.168.0.100

Remote server
To use OpenSSH first you have to install the clients and server packages on both machines if they are not already installed.

$ sudo yum -y install openssh openssh-clients openssh-server

$ ssh -V
OpenSSH_5.3p1, OpenSSL 1.0.0-fips 29 Mar 2010

In addition to being installed and using different static IPs with the port 22 forwarded to both you also need .ssh folders.

The Remote machine

So first set up your remote machine with an .ssh folder in the home directory after starting it up.(This can be used to copy the rsa key from the client machine as shown futher down this page)

$ sudo service sshd start

$ sudo service sshd status 

$ openssh-daemon (pid  1769) is running...

$ ssh-keygen -t rsa 

Generating public/private rsa key pair.
Enter file in which to save the key (/home/anton2/.ssh/id_rsa):
Created directory '/home/anton2/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/anton2/.ssh/id_rsa.
Your public key has been saved in /home/anton2/.ssh/id_rsa.pub.
The key fingerprint is:
3f:85:0e:86:c0:35:52:df:55:01:53:98:3d:7f:27:af anton2@Dell


The Local machine

Now switch to local machine and run the same commands which will accomplish exactly the same task.

$ sudo service sshd start

$ sudo service sshd status 

$ openssh-daemon (pid  1667) is running...

$ ssh-keygen -t rsa

Generating public/private rsa key pair.
Enter file in which to save the key (/home/anton/.ssh/id_rsa):
Created directory '/home/anton/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/anton/.ssh/id_rsa.
Your public key has been saved in /home/anton/.ssh/id_rsa.pub.
The key fingerprint is:
3c:85:0e:76:c0:37:52:df:55:00:53:78:3c:7d:27:af anton@Centos


Now you have the two machines setup ready to use with both servers running and .ssh folders in the home directories.

Try it out by copying the password file you just generated into
the remote machine /home/<user>/.shh folder.

[anton@Centos ~]$ scp /home/anton/.ssh/id_rsa.pub anton2@192.168.0.101:/home/anton2/.ssh/id_rsa.pub
The authenticity of host '192.168.0.101 (192.168.0.101)' can't be established.
RSA key fingerprint is 99:c2:f5:76:06:65:52:8d:92:c7:d3:60:a9:df:4e:1c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.0.101' (RSA) to the list of known hosts.
anton2@192.168.0.101's password:
id_rsa.pub                                    100%  394     0.4KB/s   00:00 


The above command will copy the id_rsa.pub file from the hidden .ssh folder on the client to the corresponding folder on the remote machine and add the address to the 'known hosts' file.
The 100% shows a successful upload into the .ssh folder on that machine.

Create a testdownload directory and move into it.

$ mkdir testdownlod && cd testdownload   

So now we download the 2 files placed on the remote machine using the scp command giving the name and IP address of the remote machine & filename from/to.


$ scp anton2@192.168.0.101:speccy.png speccy.png
anton2@192.168.0.101‘s password:
speccy.png                                    100%  184KB 184.4KB/s   00:00


$ scp anton2@192.168.0.101:anton2.png anton2.png
anton2@192.168.0.101‘s password:
speccy.png                                    100%  184KB 184.4KB/s   00:00


View the files

$ ls
anton2.png  speccy.png


The following example shows uploading the file to the server.

$ scp speccy.png anton2@192.168.0.101:/home/anton2/speccy.png

Lots more information from  http://www.openssh.org/