What is SSH?

The Secure SHell protocol (SSH)

SSH is a protocol for communicating between a client and a remote machine. Here the term “client” is used to describe a user or a machine that initiates the connection to a remote machine. You have to understand this concept of client and server. A client “asks” the remote machine (the server for example) and the remote machine executes what is asked by the client. This term “client” can be used for your computer when you are browsing the web: through your browser you ask a server to display a website. Your computer is the client, the server is the remote machine.

So we just said the Secure SHell connection is a protocol for communicating between a client and a remote machine. We have already seen that! Yes we did! We’ve seen that when we learned how to use FTP to access to your website files. FTP is another protocol of communication between a client and a server. The biggest difference between FTP and SSH protocols is that the communication is encrypted when you use SSH. The other thing is that SSH offers a large panel of commands that will help you deal with almost everything regarding your server and website administration.

What can I do with SSH?

Ok let’s see some examples of what you can do with SSH:

  • create an archive of all your files
  • send a directory from the server to your computer, or to another server and reversely
  • modify a file directly on your server
  • export your database
  • copy a file
  • change the Apache configuration

All of these actions will be fast as hell thanks to this protocol. The counterpart is it’s risky because there is no system that will prevent a mishandling so it has to be used with caution. But don’t be afraid we are going to see that in a more detailed way!

How to connect to a server using SSH?

Depending if you are on Windows, Linux, or MacOS you will use different kind of tools to connect to your server through SSH. Even if we strongly recommend to use Linux for your business or home computer, we’ll see how to connect to your server through a tool like Putty.

To connect in SSH with Putty, you have to download it from the Putty website. Then open it and just enter the IP address in the “Host Name” field of the Putty window:

Putty

Click on “Open” and then enter the user with whom you are going to connect in SSH.

In Linux or Mac, just open a terminal and then enter the command that will be formatted like this:

ssh user@IP

“User” is the username of the user who has the rights on the server to connect through SSH.

“IP” is the IP of your server. You can also enter your domain name.

Depending on the user rights you will access at different points of your server. Remember the article about “Users and Groups in a LAMP Stack“, we have seen a user has some rights for a specific directory. This directory is called its “home”. So when you connect with a user, by SSH or FTP, you access to this user’s home.

Let’s take this example:

root:x:0:0:root:/root:/bin/bash
guysintech:x:10011:503::/var/www/vhosts/mydomain.com:/bin/sh

We can see two users, “root” and “guysintech”. These two users have two different homes:

  • “root” has the directory “root/” as home
  • “guysintech” has the directory “mydomain.com” as home. This directory is located at “/var/www/vhosts/”. This is the path from the root of the server. You know a directory can be included in another directory which is itself in another directory but at a given point there is a master directory which is not included in anything. We say that this directory is at the root of the server. So here, “/var” is a directory located at the root of the server, and this directory includes another directory called “www” which includes another directory called “vhosts” which includes another directory called “mydomain.com”. That’s what the path from the root of the server to the user’s home is.

Note the user “root” has its home in the directory called “root” which is itself at the root of the server.

So if you connect with the user “guysintech” using the command

ssh guysintech@123.456.78.9

you will access to the “mydomain.com” directory at the server associated to the IP 123.456.78.9.

If you connect with the user “root” using the command

ssh root@123.456.78.9

you will access to the root of the server associated to the IP 123.456.78.9. “root” user is the super power user. You can access everything (or almost) on your server. So it’s a magic user but you have to use it with caution because you can do everything: from changing some settings of your server to removing all the files of your server! Why can you change the settings of your server with the user “root” while you cannot with the user “guysintech”? Because the server setting files of your server are located near the root of the server and cannot be accessed by “classic” users (users who are managing websites only).

Now let’s see how to use SSH on a daily basis!