With Secure Shell there are a number of ways to use (and configure) this tool to make it more useful and more secure. In this article  you will learn five different (and handy) secure shell tips to make sure your ssh usage is as good as it can be. And for some basic secure shell knowledge, check out my article “Get to know Linux: Secure shell“.

Password-less logon

Have have dealt with this before (as a side note), but wanted to re-iterate this process. Because I use ssh so much I get tired of having to enter passwords constantly. Now I will preface this by saying only do this on a network you trust. Yes you will be logging into ssh with a certificate, and that certificate will be on your machine, but you don’t want to employ this method on a network that can not be trusted. With that in mind, here are the steps for setting this up.

On the local machine issue the command:

ssh-keygen -t dsa

This command will generate a public key that will be then copied to your server. During this creation process you will be asked for a password – just press enter to use a blank password for this. You will have to verify the password, so hit enter again. )

With the key created you have to copy it to the server you want to ssh into. To do this enter the command:

ssh-copy-id -i .ssh/id_dsa.pub username@destination

Where username is the username you will be logging into on the remote server and destination is the IP address of the remote server.

Now when you go to secure shell into that remote machine you will not have to enter a password.

Block root login

Although secure shell is a secure means of logging into your server, you do not want to allow root access (for obvious reasons). Blocking root access is simple. Open up the /etc/ssh/sshd_config file and look for this line:

PermitRootLogin

and make sure it is set to “no” (no quotes). So the complete line will read:

PermitRootLogin no

Once you have saved that file, restart the ssh daemon with the command:

sudo /etc/init.d/ssh restart

Now the root user can no longer log in remotely via ssh.

Enable X tunneling

Secure shell is made even more powerful when you can run a remote X application on your local machine. And what is better is that it’s not difficult at all. In order to allow X tunneling you will first need to open up the /etc/ssh/sshd_config file and search for this line:

X11Forwarding

and make sure it looks like:

X11Forwarding yes

Once that is set save the file, restart sshd, and you are ready to tunnel and X Windows application through ssh. To accomplish this you have to add the -X flag to your secure shell command like this:

ssh -v -l USERNAME IP_ADDRESS -X

Where USERNAME is the username you want to log in with and IP_ADDRESS is the actual IP address of the machine you are logging into.

Final thoughts

There are so many cool tricks and tips with secure shell, but the above three are, in my opinion, the most helpful. Have you come across a helpful ssh tip you’d like to share? Or are you looking for a particular behavior out of secure shell? If so. share with your fellow Ghacks readers.

Related posts

• Linux Command Line Fu (5)
• Get To Know Linux: Secure Shell (4)
• Yoggie PICO Personal Mobile Security Computer (3)
• With Ubuntu 9.10 Arrives Wubi 9.10 (2)
• Widgets for Linux: SuperKaramba (6)

Each submitted Linux command – to be honest there are a few command submissions for other operating systems but the majority is pure Linux – lists the command itself and a description provided by the author of the command. There will also be information about the author, the date the Linux command has been submitted and the amount of votes that it received.

Logged in users can vote, leave comments or report a command as malicious. Command-Line Fu can be accessed with an Open ID.

The site features a search engine and will also post new commands submitted to the site to a Twitter account. The site would do good to provide a list of all available commands to print it or save it in a text document format. It is still a very interesting resource for Linux users who work with the Linux command line regularly.

Related posts

• Searching for Files in Linux via Command Line (3)
• Get To Know Linux: gnome-terminal (5)
• Five handy secure shell tips and tricks (8)
• Burn CDs From Command Line (4)
• YubNub a social internet command line (2)