Unix - Remote System Administration with SSH in UNIX

Introduction

SSH (Secure Shell) is a network protocol that allows administrators and users to securely access and manage remote systems over an unsecured network. It replaces older protocols such as Telnet and Rlogin, which transmitted data in plain text and posed significant security risks. SSH encrypts all communication between the client and the server, ensuring confidentiality, integrity, and authentication.

SSH is one of the most important tools in UNIX and Linux system administration because it enables administrators to perform tasks on remote machines as if they were physically present at the system.

What is SSH?

SSH is a cryptographic protocol used to establish a secure connection between two computers. The computer initiating the connection is known as the SSH client, while the computer receiving the connection is called the SSH server.

The SSH protocol provides:

  • Secure remote login

  • Secure file transfer

  • Encrypted communication

  • Authentication of users and systems

  • Remote command execution

A typical SSH session allows a user to log in to a remote UNIX server and perform administrative tasks through a command-line interface.

SSH Architecture

SSH follows a client-server architecture.

SSH Client

The SSH client is installed on the local machine from which the user initiates the connection.

Examples:

  • OpenSSH Client

  • PuTTY (Windows)

  • Terminal applications on UNIX/Linux

SSH Server

The SSH server runs on the remote machine and listens for incoming SSH requests.

Common SSH server software:

  • OpenSSH Server

The SSH server usually listens on port 22.

How SSH Works

When a user initiates an SSH connection, several processes occur:

Step 1: Connection Establishment

The client contacts the server using its IP address or hostname.

Example:

ssh [email protected]

Step 2: Server Authentication

The server presents its public key to prove its identity.

The client checks whether the server's key matches the one stored locally.

Step 3: Encryption Setup

Both systems negotiate encryption algorithms and generate session keys.

This ensures that all subsequent communication is encrypted.

Step 4: User Authentication

The user must prove their identity using:

  • Password authentication

  • Public key authentication

  • Multi-factor authentication

Step 5: Secure Session Creation

After successful authentication, a secure shell session is established.

The user can now execute commands remotely.

Installing SSH on UNIX Systems

Most modern UNIX and Linux systems use OpenSSH.

Checking SSH Client

ssh -V

Output:

OpenSSH_9.0

Checking SSH Server

systemctl status sshd

or

service sshd status

Starting SSH Service

sudo systemctl start sshd

Enabling SSH at Boot

sudo systemctl enable sshd

Basic SSH Commands

Remote Login

ssh username@hostname

Example:

ssh [email protected]

Login Using IP Address

ssh [email protected]

Specifying a Port

ssh -p 2222 [email protected]

This connects using port 2222 instead of the default port 22.

Executing a Remote Command

ssh admin@server "date"

Output:

Mon Jun 2 10:30:00 UTC 2026

The command executes remotely and returns the result.

SSH Authentication Methods

Password Authentication

The server requests a username and password.

Advantages:

  • Easy to use

  • Simple setup

Disadvantages:

  • Vulnerable to brute-force attacks

  • Less secure than key-based authentication

Public Key Authentication

This method uses a pair of cryptographic keys:

  • Public Key

  • Private Key

The public key is stored on the server.

The private key remains on the client system.

Only a user possessing the correct private key can authenticate successfully.

Advantages:

  • Strong security

  • No need to enter passwords repeatedly

  • Suitable for automation

Generating SSH Keys

Create a Key Pair

ssh-keygen

Output:

Generating public/private rsa key pair.

Files generated:

~/.ssh/id_rsa
~/.ssh/id_rsa.pub

Where:

  • id_rsa = Private key

  • id_rsa.pub = Public key

Copying Public Key to Server

Use:

ssh-copy-id user@server

Example:

ssh-copy-id [email protected]

This places the public key in:

~/.ssh/authorized_keys

on the remote server.

SSH Configuration Files

Client Configuration

Location:

~/.ssh/config

Example:

Host webserver
    HostName 192.168.1.100
    User admin
    Port 22

Now users can connect simply by typing:

ssh webserver

Server Configuration

Location:

/etc/ssh/sshd_config

Common settings:

Port 22
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes

Changes require restarting the SSH service.

sudo systemctl restart sshd

Secure File Transfer Using SSH

SCP (Secure Copy)

Copy file to remote system:

scp file.txt user@server:/home/user/

Copy file from remote system:

scp user@server:/home/user/file.txt .

SFTP (Secure File Transfer Protocol)

Connect using:

sftp user@server

Common commands:

put file.txt
get report.txt
ls
pwd
quit

SFTP provides secure file transfer capabilities over SSH.

SSH Tunneling

SSH tunneling securely forwards network traffic through an encrypted SSH connection.

Local Port Forwarding

Example:

ssh -L 8080:localhost:80 user@server

This forwards local port 8080 to remote port 80.

Remote Port Forwarding

Example:

ssh -R 9000:localhost:22 user@server

This exposes a local service to a remote machine.

Dynamic Port Forwarding

Example:

ssh -D 1080 user@server

Creates a SOCKS proxy for secure browsing and traffic forwarding.

SSH Security Best Practices

Disable Root Login

Edit:

/etc/ssh/sshd_config

Set:

PermitRootLogin no

This prevents direct root access.

Disable Password Authentication

Set:

PasswordAuthentication no

This forces key-based authentication.

Change Default Port

Example:

Port 2222

Changing the port can reduce automated scanning attempts.

Use Strong Keys

Generate modern keys:

ssh-keygen -t ed25519

These provide stronger security than older algorithms.

Limit User Access

Allow only specific users:

AllowUsers admin backupuser

Use Multi-Factor Authentication

Combine:

  • SSH key authentication

  • One-time password systems

  • Authentication applications

This significantly improves security.

Common SSH Administrative Tasks

Monitoring Logged-In Users

who

Viewing Active SSH Sessions

w

Checking SSH Service Status

systemctl status sshd

Reviewing SSH Logs

tail -f /var/log/auth.log

or

tail -f /var/log/secure

depending on the UNIX distribution.

Troubleshooting SSH Issues

Connection Refused

Possible causes:

  • SSH service not running

  • Firewall blocking port 22

  • Incorrect port number

Permission Denied

Possible causes:

  • Incorrect password

  • Invalid SSH key

  • Improper file permissions

Host Key Verification Failed

Occurs when the server's key changes unexpectedly.

Solution:

Remove the old key:

ssh-keygen -R hostname

Then reconnect.

Advantages of SSH for System Administration

  • Secure remote access

  • Encrypted communication

  • Strong authentication methods

  • Remote command execution

  • Secure file transfer

  • Automation support through scripts

  • Reduced need for physical server access

  • Cross-platform compatibility

Conclusion

SSH is the foundation of modern UNIX remote administration. It provides a secure and efficient way to manage servers, transfer files, execute commands, and automate administrative tasks over networks. By using strong authentication methods, proper configuration practices, and security enhancements such as key-based authentication and multi-factor authentication, system administrators can safely manage large numbers of UNIX systems from virtually anywhere in the world.