Revisions to ssh tag wiki

add usage guidance; add more details to the introductory paragraph; update the Related Prorgams links

Source Link

edit approved Sep 11, 2017 at 11:59

13.6k
7
62
66

SSH is a protocol for securely running commands on a remote computer. It works by creating an encrypted connection between a client and a server listening on port 22 (by default). It was designed in the mid 1990s as a secure replacement for protocols such as Telnet and FTP which exchange data (including authentication tokens) in plain text.

Implementations

Dropbear is a lightweight implementation of SSH targeted at embedded devices.
OpenSSH, developed by the OpenBSD project, is by far the most common implementation of SSH, both server-side and client-side, in the unix world. If someone mentions SSH in a unix context, assume OpenSSH unless told otherwise.
PuTTY is an SSH client mostly found on Windows.

Related programs

AutoSSH: Automatically restart SSH sessions and tunnels
Corkscrew Corkscrew: tunnel through HTTP proxies
SSHFS SSHFS: mount remote filesystems over SSH

Troubleshooting

If public key authentication doesn’t work: make sure that on the server side, your home directory (~), the ~/.ssh directory, and the ~/.ssh/authorized_keys file, are all writable only by their owner. In particular, none of them must be writable by the group (even if the user is alone in the group). chmod 755 or chmod 700 is OK, chmod 770 is not.

What to check when something is wrong:

The most useful source of information for diagnosing problems with SSH connections is the messages logged by the SSH server. These are typically logged to /var/log/secure, /var/log/auth.log, /var/log/daemon.log or similar, depending on the OS/distribution. Relevant log messages should be included in in the question.
If you can’t access the server to check the logs, the next best option is to run ssh -vvv to see a lot of debugging output from the client’s perspective. If you post a question asking why you can't connect with SSH, include this output (you may want to anonymize host and user names).
If public key authentication isn't working, check the permissions again, especially the group bit (see above).

Implementations

Dropbear is a lightweight implementation of SSH targeted at embedded devices.
OpenSSH, developed by the OpenBSD project, is by far the most common implementation of SSH, both server-side and client-side, in the unix world. If someone mentions SSH in a unix context, assume OpenSSH unless told otherwise.
PuTTY is an SSH client mostly found on Windows.

Related programs

AutoSSH: Automatically restart SSH sessions and tunnels
Corkscrew: tunnel through HTTP proxies
SSHFS: mount remote filesystems over SSH

Troubleshooting

If public key authentication doesn’t work: make sure that on the server side, your home directory (~), the ~/.ssh directory, and the ~/.ssh/authorized_keys file, are all writable only by their owner. In particular, none of them must be writable by the group (even if the user is alone in the group). chmod 755 or chmod 700 is OK, chmod 770 is not.

What to check when something is wrong:

The most useful source of information for diagnosing problems with SSH connections is the messages logged by the SSH server. These are typically logged to /var/log/secure, /var/log/auth.log, /var/log/daemon.log or similar, depending on the OS/distribution. Relevant log messages should be included in in the question.
If you can’t access the server to check the logs, the next best option is to run ssh -vvv to see a lot of debugging output from the client’s perspective. If you post a question asking why you can't connect with SSH, include this output (you may want to anonymize host and user names).
If public key authentication isn't working, check the permissions again, especially the group bit (see above).

Implementations

Dropbear is a lightweight implementation of SSH targeted at embedded devices.
OpenSSH, developed by the OpenBSD project, is by far the most common implementation of SSH, both server-side and client-side, in the unix world. If someone mentions SSH in a unix context, assume OpenSSH unless told otherwise.
PuTTY is an SSH client mostly found on Windows.

Related programs

AutoSSH: Automatically restart SSH sessions and tunnels
Corkscrew: tunnel through HTTP proxies
SSHFS: mount remote filesystems over SSH

Troubleshooting

If public key authentication doesn’t work: make sure that on the server side, your home directory (~), the ~/.ssh directory, and the ~/.ssh/authorized_keys file, are all writable only by their owner. In particular, none of them must be writable by the group (even if the user is alone in the group). chmod 755 or chmod 700 is OK, chmod 770 is not.

What to check when something is wrong:

The most useful source of information for diagnosing problems with SSH connections is the messages logged by the SSH server. These are typically logged to /var/log/secure, /var/log/auth.log, /var/log/daemon.log or similar, depending on the OS/distribution. Relevant log messages should be included in in the question.
If you can’t access the server to check the logs, the next best option is to run ssh -vvv to see a lot of debugging output from the client’s perspective. If you post a question asking why you can't connect with SSH, include this output (you may want to anonymize host and user names).
If public key authentication isn't working, check the permissions again, especially the group bit (see above).

Implementations

Dropbear is a lightweight implementation of SSH targeted at embedded devices.
OpenSSH, developed by the OpenBSD project, is by far the most common implementation of SSH, both server-side and client-side, in the unix world. If someone mentions SSH in a unix context, assume OpenSSH unless told otherwise.
PuTTY is an SSH client mostly found on Windows.

Related programs

AutoSSH: Automatically restart SSH sessions and tunnels
Corkscrew: tunnel through HTTP proxies
SSHFS: mount remote filesystems over SSH

Troubleshooting

If public key authentication doesn'tdoesn’t work: make sure that on the server side, your home directory (~), the ~/.ssh directory, and the ~/.ssh/authorized_keys file, are all writable only by their owner. In particular, none of them must be writable by the group (even if the user is alone in the group). chmod 755 or chmod 700 is okOK, chmod 770 is not.

What to check when something is wrong:

RunThe most useful source of information for diagnosing problems with SSH connections is the messages logged by the SSH server. These are typically logged to /var/log/secure, /var/log/auth.log, /var/log/daemon.log or similar, depending on the OS/distribution. Relevant log messages should be included in in the question.

If you can’t access the server to check the logs, the next best option is to run ssh -vvv to see a lot of debugging output from the client’s perspective. If you post a question asking why you can't connect with sshSSH, include this output (you may want to anonymize host and user names).

If you can, check the server logs, typically in /var/log/daemon.log or /var/log/auth.log or similar.
If public key authentication isn't working, check the permissions again, especially the group bit (see above).

Implementations

Dropbear is a lightweight implementation of SSH targeted at embedded devices.
OpenSSH, developed by the OpenBSD project, is by far the most common implementation of SSH, both server-side and client-side, in the unix world. If someone mentions SSH in a unix context, assume OpenSSH unless told otherwise.
PuTTY is an SSH client mostly found on Windows.

Related programs

AutoSSH: Automatically restart SSH sessions and tunnels
Corkscrew: tunnel through HTTP proxies
SSHFS: mount remote filesystems over SSH

Troubleshooting

If public key authentication doesn't work: make sure that on the server side, your home directory (~), the ~/.ssh directory, and the ~/.ssh/authorized_keys file, are all writable only by their owner. In particular, none of them must be writable by the group (even if the user is alone in the group). chmod 755 or chmod 700 is ok, chmod 770 is not.

What to check when something is wrong:

Run ssh -vvv to see a lot of debugging output. If you post a question asking why you can't connect with ssh, include this output (you may want to anonymize host and user names).

If you can, check the server logs, typically in /var/log/daemon.log or /var/log/auth.log or similar.
If public key authentication isn't working, check the permissions again, especially the group bit (see above).

Implementations

Dropbear is a lightweight implementation of SSH targeted at embedded devices.
OpenSSH, developed by the OpenBSD project, is by far the most common implementation of SSH, both server-side and client-side, in the unix world. If someone mentions SSH in a unix context, assume OpenSSH unless told otherwise.
PuTTY is an SSH client mostly found on Windows.

Related programs

AutoSSH: Automatically restart SSH sessions and tunnels
Corkscrew: tunnel through HTTP proxies
SSHFS: mount remote filesystems over SSH

Troubleshooting

If public key authentication doesn’t work: make sure that on the server side, your home directory (~), the ~/.ssh directory, and the ~/.ssh/authorized_keys file, are all writable only by their owner. In particular, none of them must be writable by the group (even if the user is alone in the group). chmod 755 or chmod 700 is OK, chmod 770 is not.

What to check when something is wrong:

The most useful source of information for diagnosing problems with SSH connections is the messages logged by the SSH server. These are typically logged to /var/log/secure, /var/log/auth.log, /var/log/daemon.log or similar, depending on the OS/distribution. Relevant log messages should be included in in the question.

If you can’t access the server to check the logs, the next best option is to run ssh -vvv to see a lot of debugging output from the client’s perspective. If you post a question asking why you can't connect with SSH, include this output (you may want to anonymize host and user names).
If public key authentication isn't working, check the permissions again, especially the group bit (see above).

Implementations

Dropbear is a lightweight implementation of SSH targeted at embedded devices.
OpenSSH, developed by the OpenBSD project, is by far the most common implementation of SSH, both server-side and client-side, in the unix world. If someone mentions SSH in a unix context, assume OpenSSH unless told otherwise.
PuTTY is an SSH client mostly found on Windows.

Related programs

AutoSSH: Automatically restart SSH sessions and tunnels
Corkscrew: tunnel through HTTP proxies
SSHFS: mount remote filesystems over SSH

Troubleshooting

If public key authentication doesn't work: make sure that on the server side, your home directory (~), the ~/.ssh directory, and the ~/.ssh/authorized_keys file, are all writable only by their owner. In particular, none of them must be writable by the group (even if the user is alone in the group). chmod 755 or chmod 700 is ok, chmod 770 is not.

What to check when something is wrong:

Run ssh -vvv to see a lot of debugging output. If you post a question asking why you can't connect with ssh, include this output (you may want to anonymize host and user names).
If you can, check the server logs, typically in /var/log/daemon.log or /var/log/auth.log or similar.
If public key authentication isn't working, check the permissions again, especially the group bit (see above).

Implementations

Dropbear is a lightweight implementation of SSH targeted at embedded devices.
OpenSSH, developed by the OpenBSD project, is by far the most common implementation of SSH, both server-side and client-side, in the unix world. If someone mentions SSH in a unix context, assume OpenSSH unless told otherwise.
PuTTY is an SSH client mostly found on Windows.

Related programs

AutoSSH: Automatically restart SSH sessions and tunnels
Corkscrew: tunnel through HTTP proxies
SSHFS: mount remote filesystems over SSH

Troubleshooting

If public key authentication doesn't work: make sure that on the server side, your home directory (~), the ~/.ssh directory, and the ~/.ssh/authorized_keys file, are all writable only by their owner. In particular, none of them must be writable by the group (even if the user is alone in the group). chmod 755 or chmod 700 is ok, chmod 770 is not.

What to check when something is wrong:

Run ssh -vvv to see a lot of debugging output. If you post a question asking why you can't connect with ssh, include this output (you may want to anonymize host and user names).
If you can, check the server logs, typically in /var/log/daemon.log or /var/log/auth.log or similar.
If public key authentication isn't working, check the permissions again, especially the group bit (see above).

Implementations

Dropbear is a lightweight implementation of SSH targeted at embedded devices.
OpenSSH, developed by the OpenBSD project, is by far the most common implementation of SSH, both server-side and client-side, in the unix world. If someone mentions SSH in a unix context, assume OpenSSH unless told otherwise.
PuTTY is an SSH client mostly found on Windows.

Related programs

AutoSSH: Automatically restart SSH sessions and tunnels
Corkscrew: tunnel through HTTP proxies
SSHFS: mount remote filesystems over SSH

Troubleshooting

If public key authentication doesn't work: make sure that on the server side, your home directory (~), the ~/.ssh directory, and the ~/.ssh/authorized_keys file, are all writable only by their owner. In particular, none of them must be writable by the group (even if the user is alone in the group). chmod 755 or chmod 700 is ok, chmod 770 is not.

What to check when something is wrong:

Run ssh -vvv to see a lot of debugging output. If you post a question asking why you can't connect with ssh, include this output (you may want to anonymize host and user names).
If you can, check the server logs, typically in /var/log/daemon.log or /var/log/auth.log or similar.
If public key authentication isn't working, check the permissions again, especially the group bit (see above).

Stack Exchange Network

Return to the ssh wiki

Implementations

Related programs

Troubleshooting

Further reading

Implementations

Related programs

Troubleshooting

Further reading

Implementations

Related programs

Troubleshooting

Further reading

Implementations

Related programs

Troubleshooting

Further reading

Implementations

Related programs

Troubleshooting

Further reading

Implementations

Related programs

Troubleshooting

Further reading

Implementations

Related programs

Troubleshooting

Further reading

Implementations

Related programs

Troubleshooting

Further reading

Implementations

Related programs

Troubleshooting

Further reading