ssh – Internetblog.org.uk https://www.internetblog.org.uk Web hosting, Domain names, Dedicated servers Fri, 29 Jan 2016 11:05:52 +0000 en-US hourly 1 https://wordpress.org/?v=4.9.5 https://www.internetblog.org.uk/files/2016/01/cropped-favico-32x32.png ssh – Internetblog.org.uk https://www.internetblog.org.uk 32 32 Server Networking Tips https://www.internetblog.org.uk/post/1570/server-networking-tips/ Mon, 26 Jul 2010 16:47:58 +0000 http://www.internetblog.org.uk/post/1570/server-networking-tips/ Cisco network switch
Over the past year, we have covered many networking tips for servers. Here is a brief summary of the most important networking tips you should keep in mind for your dedicated server.

1. Use both a router firewall and a software firewall
2. Your name servers should be hosted on at least two different servers
3. If you use content delivery services, make sure they have servers close to your primary users
4. Block all ports except the most essential (i.e. web server, ssh, ftp)
5. Use traceroute and dns lookups to test network connectivity issues
6. Be sure to follow Internet standards with your DNS records
7. Use SSH, SCP, SFTP, and other secure protocols whenever you need to connect to your server

Photo Source: Flickr

]]>
Rsync Incremental Backups https://www.internetblog.org.uk/post/1560/rsync-incremental-backups/ Thu, 22 Jul 2010 16:31:33 +0000 http://www.internetblog.org.uk/post/1560/rsync-incremental-backups/ Question: How can I easily perform incremental backups on my dedicated server?

Answer: There are few tasks more important than backing up your server. Because of the nature of computers and especially the nature of the Internet, you are bound to have problems. They may or may not cause data loss, but that is not a chance you want to take.

Rsync is a tool that simply syncs the files in one directory with another. What makes it ideal for backups is that 1) it can archive files and compress them and 2) it can use SSH to perform the backups to remote servers.

To run an rsync backup, just execute the command like this:

rsync -avz ~/public_html username@hostname.com:/home/user/backupfiles/

This will backup, archive, and compress the files found in public_html on your server. Finally, it will send those archives to the remote server in the directory specified. The best part about rsync is that, the next time you perform a backup, it will only backup the files that have changed (i.e. incremental backups), saving you bandwidth and time.

]]>
Free SSH Programs for Download https://www.internetblog.org.uk/post/1510/free-ssh-programs-for-download/ Thu, 08 Jul 2010 17:42:14 +0000 http://www.internetblog.org.uk/post/1510/free-ssh-programs-for-download/ terminal emulator
SSH or Secure Shell is a secure method of accessing your web server for manipulation or file transfer (using SCP or SFTP). Here are a few software applications that you can use to access your server via SSH.

1. OpenSSH

OpenSSH is the primary SSH client and server used for Linux, BSD, Mac OS X and other Unix-like operating systems. It is free and open source and is part of the OpenBSD project. It includes scp and sftp for secure file transfers.

2. PuTTY

Although it works with both Windows and Unix, Putty is mostly used by Windows users, since SSH is not installed on Windows by default (unlike Linux and Mac OS X). PuTTY is free and open source.

GUI Applications

1. Filezilla

Filezilla is a file transfer application that includes support for scp and sftp. It is free, open source, and has cross-platform support.

2. WinSCP

A GUI file transfer program, WinSCP supports scp and sftp, and it is core is based on PuTTY. WinSCP is free and open source.

3. Cyberduck

Cyberduck is a file transfer application for Mac OS X that supports SFTP. It is free and open source software.

]]>
How to Connect via SSH https://www.internetblog.org.uk/post/1502/how-to-connect-via-ssh/ Tue, 06 Jul 2010 19:03:02 +0000 http://www.internetblog.org.uk/post/1502/how-to-connect-via-ssh/ SSH secure iconSSH stands for Secure Shell and is a secure encrypted method of connecting to a server for shell/command line access. It can be useful for shared hosting, virtual private servers, and dedicated servers. Linux server usually come with SSH enabled by default, although some web hosts may disable it for shared hosting accounts.

To connect to your server via SSH, simply type:

ssh -l(username) hostname_or_ip

It will prompt you for a password. Type your password, and you should be connected. Some web hosts may use a different port for SSH, other than the default port (22). If so, you will need to specify it, for example:

ssh -p 2222 -lmyname webserver.com

Normal Linux/Unix shell commands apply, once you are logged into the server. When you are finished, simply type “exit”.

]]>
How to Login as a Different User in Linux https://www.internetblog.org.uk/post/1450/how-to-login-as-a-different-user-in-linux/ Mon, 21 Jun 2010 16:28:00 +0000 http://www.internetblog.org.uk/post/1450/how-to-login-as-a-different-user-in-linux/ System usersSometimes when I am working on a project and come across a new powerful Linux command, I need to test it. With a live dedicated server, that can be a recipe for disaster. Rather than taking such a risk with your websites and possibly the websites of customers (if you also host sites), I recommend creating test accounts.

A test user will have a unique set of configuration settings, its own home folder, and its own username and password. The second dilemma I encountered, however, was that once the account was created, I did not want to always have to log out of SSH and then login as the other user. In fact, for security reasons, I did not want the test user to have SSH access all.

Normally, the “su” command is used to become root, but you can also use it to login as any other user, directly from your SSH command prompt. To execute the command, type:

su -- username

It will then ask you for the specified user’s password. Enter it, and you are ready to test.

Image Source: Oxygen icons

]]>
How to Enable/Disable Root Login in SSH https://www.internetblog.org.uk/post/1441/how-to-enabledisable-root-login-in-ssh/ Fri, 18 Jun 2010 14:09:51 +0000 http://www.internetblog.org.uk/post/1441/how-to-enabledisable-root-login-in-ssh/ Logging in as root via SSH
Question: I have heard that enabling root login in SSH can be a security risk. Is that true, and if so, how do I disable it?

Answer: The truth is that having root logins enabled is not in itself a security risk. The real risk comes from having an easily hacked root password or non-secure web applications on your server that allow hackers to decipher the root password. Disabling root login gives those hackers one less avenue to exploit, and if you do not need to login directly as root through SSH, there is really no reason to have it enabled.

Actually disabling the root login is not nearly as complicated as my above explanation. Just follow these steps:

1. Login to your server via SSH
2. Become root:
su
3. Edit /etc/ssh/ssh_config
4. Add the following line:
PermitRootLogin no
5. Save and exit

Photo Source: Flickr

]]>
What to do when your server goes down https://www.internetblog.org.uk/post/1427/what-to-do-when-your-server-goes-down/ Mon, 14 Jun 2010 20:57:52 +0000 http://www.internetblog.org.uk/post/1427/what-to-do-when-your-server-goes-down/ Stressed woman
First of all: do not panic. What may appear to be an outage, may actually be an issue with your network connection or Internet congestion. Once you have eliminated the usual suspects, there are a few steps you can take to resolve the issue quickly and get your dedicated server back up and running.

1. Test an SSH connection. If you can still SSH into your server, you most likely just have a software issue. If your web server application (such as Apache) has crashed, a simple restart may fix the problem. If you notice it starting to crash routinely every day or every week, you may have a security exploit.

2. If you cannot SSH into your server, try to ping and traceroute the server. If you get network connections all the way up the traceroute but cannot connect to your server, that means the network is fine, but the physical server may have crashed or been shutdown. Follow the normal procedure for rebooting. If your server is remote, you can ask your web host to reboot it. Some hosts also have automatic reboot switches that you can activate remotely. If something is wrong with the network, check with your host. They may already be diligently trying to fix the problem.

3. If rebooting does not fix the problem, and you cannot access your server, your host may offer you a KVM connection so that you can troubleshoot your server’s network settings.

4. If your host cannot even get the server to start in order to use KVM, they will probably have to re-image your box. This will erase everything, and you will be thankful at this point that you have kept backups of all websites on your server.

Photo Source: stock.xchng

]]>
Secure File Transfer from SSH https://www.internetblog.org.uk/post/1325/secure-file-transfer-from-ssh/ Mon, 17 May 2010 18:55:17 +0000 http://www.internetblog.org.uk/post/1325/secure-file-transfer-from-ssh/ SSH secure iconIf you are accustomed to working with a graphical interface, such as Windows or Mac OS, having to manage your server from the command line can be arduous, but it is sometimes necessary. In some situations, for example, you might need to send a file directly from the server without jeopardizing security.

Assuming you are already logged into your server via SSH, you can also use the secure shell to send files. The command that handles this is called SCP, which stands for Secure Copy. SCP encrypts the file and any passwords, unlike FTP or RCP.

Sending files only involves a single line of commands. For example, if you wanted to send a file called “database.sql” to your backup server at “mybackup.me”, you would enter the following:

scp database.sql username@mybackup.me:/home/username/sqlbackup

Replace “username” with your actual username on the backup server, and the path after the “:” should match the actual path on the backup server where you want the copied file stored.

After you finish, you do not even need to disconnect. The connection will only stay open as long as SCP is sending the file. For more advanced SCP tips, type “man scp” from the command line.

Image: Wikimedia Commons

]]>
How to create an SSH key https://www.internetblog.org.uk/post/1255/how-to-create-an-ssh-key/ Wed, 28 Apr 2010 15:09:44 +0000 http://www.internetblog.org.uk/post/1255/how-to-create-an-ssh-key/ SSH folder icon
An SSH key is a secure encrypted code that allows you to connect to a server without having to type the password in plain text. To setup a key, follow these instructions:

1. First you need to connect to an SSH host on each machine (this will create the .ssh directory in your home directory):

ssh anymachine.com

2. On the local machine, type:

ssh-keygen -t dsa

It will prompt you for the secret passphrase. After you enter the passphrase, it will create id_dsa and id_dsa.pub in the /home/user/.ssh directory.

3. Next copy the above-mentioned files to the remote server:

scp ~/.ssh/id_dsa.pub yourdomain.com:.ssh/authorized_keys2

4. Now tell your server which key to use:

ssh-agent sh -c 'ssh-add < /dev/null && bash'

It will ask your for your passphrase and create a new bash shell.

5. Finally, type ssh yourdomain.com (It should now connect without asking you for a password).

Source: http://pkeck.myweb.uga.edu/ssh/
Photo Source: Wikimedia Commons

]]>
Troubleshooting website connectivity issues https://www.internetblog.org.uk/post/1170/troubleshooting-website-connectivity-issues/ Mon, 05 Apr 2010 21:31:50 +0000 http://www.internetblog.org.uk/post/1170/troubleshooting-website-connectivity-issues/ Traceroute command
Nothing is worse than waking up and finding out your website is down. The immediate reaction is to grab the phone and drop an anger bomb on your web hosting provider. While it certainly could be a problem with your server, there are a few things to check before going ballistic on the IT guys.

1. Check your own network connectivity. If your website (or the email associated with it) was the first sign of a problem, you might find that other websites are down as well. If this is the case go through normal ISP connectivity troubleshooting.

2. Check your web host’s website for any connection status notices.

3. Try to connect to your server via FTP and/or SSH.

4. Try a traceroute to see if there are connection hiccups along the way.

5. Use a remote service to run a traceroute. It may be a connection problem only for your service provider. You can also check the Internet health.

6. Contact your web host.

You can do all of these checks in less than 5 minutes, so do not worry about wasting time when you could have been tearing into your web host on the phone. With the right tools at your disposal, you can be up and running again in a matter of minutes.

Photo Source: Wikimedia Commons

]]>