/ What is Sudo?

Connecting to Linux servers

I’ve mentioned before how if you are deploying your application to a server, it will most likely be Linux. It is therefore important that you are able to connect to your Linux server and understand how that connection works.

This post is part of the "what is sudo?" series, which aims to help understand Linux and text consoles.

Remember when you rent a server, what you are renting is a real computer. When you connect to it, you are connecting to a computer, and so it behaves just like your desktop would.

If you don't currently have a server but you want one, you can follow this guide.

Connecting to a server is usually done in one of two ways:

  • Username and password; or
  • SSH keys.

In all cases, you would log in using the following command from your computer:

ssh <user>@<ip>

If the user you are trying to log in as does not have a valid SSH key, then you will be prompted for a password. If the user you are trying to log in as has a valid SSH key, then the log in will just work, without the need for a password.

Username and password

This is the least secure of the two methods, because it relies on nobody else knowing your username and password. However, it does not require much set up and allows you to access the server from anywhere, as long as you know the username and password.

SSH keys

This is more secure, but it relies on nobody stealing your computer or your private keys.

SSH keys work on a per-login basis. Lets say you create an account in your server called jose. You can then put an SSH key into that account that will let you log in from your computer directly into that account, without using a password. The SSH key will not work for other accounts.

In your server, SSH keys are in the ~/.ssh/ folder, where, as you already know, ~ is the user’s home folder.

Generating SSH keys

From your computer, you can generate SSH keys using the command below (if you are using Mac or Linux):

$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/yourname/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in id_rsa.
Your public key has been saved in id_rsa.pub.
The key fingerprint is:
(long number here)
The key's randomart image is:
(random art here)

I would suggest just accepting the default file, and then enter a passphrase (a password) that you will remember. This is a way to secure your SSH key so that even if someone gains access to your computer, they still won’t be able to use the SSH key.

If you are using Windows, install https://git-for-windows.github.io, and then you will be able to run the command above from a program called "Git Shell".

Adding SSH keys to your server

Login to the server using username and password. Then, copy the contents of the SSH key file (in the example above, /Users/yourname/.ssh/id_rsa) and then:

vi ~/.ssh/authorized_keys

Then, press i and paste the contents of your SSH key.

Now your SSH key will be accepted by that user in that server. Next time you connect to the server, you won't be asked for a password.