On Mac and Linux, SSH is built-in - you don't need extra software. The Terminal application gives you direct access to SSH and related tools. At Theory7, we see that many developers and system administrators use Mac or Linux because of these powerful command line capabilities. In this guide, we explain everything about SSH connections.

Open Terminal

On macOS

There are several methods to open the Terminal:

• Spotlight: Press Cmd + Space, type Terminal, and press Enter.
• Finder: Go to Applications > Utilities > Terminal.
• Launchpad: Search for Terminal in the Launchpad.

On Linux

Depending on your distribution, there are different ways to open the Terminal:

• Ubuntu/Debian: Press Ctrl + Alt + T to open a new Terminal.
• KDE: Search for Konsole in the application menu.
• GNOME: Search for Terminal in the application menu.
• General: Look for Terminal in the application menu.

Basic SSH Connection

The simplest way to make an SSH connection is by using the following command:

ssh username@server

Example:

ssh john@example.com

With Specific Port

At Theory7, we use port 7777 for extra security. This can easily be done with the following syntax:

ssh username@server -p 7777

With IP Address

If you want to access the server via an IP address, use the following command:

ssh username@123.45.67.89 -p 7777

Generating SSH Keys

SSH keys are more secure than passwords and make connecting to servers easier and safer. Using SSH keys prevents you from having to enter your password every time.

Creating Ed25519 Key (Recommended)

The Ed25519 key is the recommended option due to its strong security and speed:

ssh-keygen -t ed25519 -C "your@email.com"

You will be prompted to make a few choices:

1. Location: Press Enter to use the default location (~/.ssh/id_ed25519).
2. Passphrase: This is an optional password for extra security of your private key.

Creating RSA Key (Older Systems)

If you are working with older systems that do not support Ed25519, you can create an RSA key:

ssh-keygen -t rsa -b 4096 -C "your@email.com"

Viewing Keys

To view your generated keys, use the following command:

ls -la ~/.ssh/

You will see the following files:

• id_ed25519 - This is your private key (never share this!).
• id_ed25519.pub - This is your public key (you can share this with others).

Copying Public Key to Server

To connect to a server via SSH, you need to copy your public key to the server. This can be done in several ways:

Method 1: ssh-copy-id (Easiest)

The simplest way to copy your public key is with the ssh-copy-id command:

ssh-copy-id -i ~/.ssh/id_ed25519.pub user@server -p 7777

This command automatically copies your public key to the server and adds it to the authorized_keys file.

Method 2: Manually

If ssh-copy-id does not work, you can do it manually:

1. View your public key with:

cat ~/.ssh/id_ed25519.pub

2. Copy the output of the command.
3. Log in to the server with your password.
4. Add the public key to ~/.ssh/authorized_keys:

echo "your-public-key-here" >> ~/.ssh/authorized_keys

5. Check if the file permissions are set correctly:

chmod 600 ~/.ssh/authorized_keys

6. Log out and try to log in again with SSH.

Method 3: Via DirectAdmin

If you are using a hosting provider that supports DirectAdmin, you can also import your public key via the interface:

1. Log in to DirectAdmin.
2. Go to SSH Keys.
3. Click on Import Key.
4. Paste your public key in the designated field.
5. Authorize the key.

Connecting with SSH Key

After installing your key, you can connect to the server without entering your password:

ssh -i ~/.ssh/id_ed25519 user@server -p 7777

If you are using the default key, you can simplify the command:

ssh user@server -p 7777

SSH Config for Faster Connections

To make connecting to different servers easier, you can create an SSH config file:

nano ~/.ssh/config

Add the following configuration:

Host myserver
    HostName yourdomain.nl
    User username
    Port 7777
    IdentityFile ~/.ssh/id_ed25519

Host theory7
    HostName server.theory7.net
    User myuser
    Port 7777
    IdentityFile ~/.ssh/id_ed25519

Now you can easily connect with:

ssh myserver

Or:

ssh theory7

Transferring Files

With SSH, you can also easily transfer files between your local machine and the server. This can be done in several ways:

SCP (Secure Copy)

To upload a file to the server, use:

scp -P 7777 localfile.txt user@server:/path/to/destination/

To download a file from the server, use:

scp -P 7777 user@server:/path/to/file.txt ./local/

To upload an entire folder, use:

scp -P 7777 -r localfolder user@server:/path/to/destination/

SFTP Interactive Session

For an interactive session with the server, you can use SFTP:

sftp -P 7777 user@server

Here are some useful SFTP commands:

• ls - Shows the files in the current directory.
• cd - Change the directory.
• get file - Download a file from the server.
• put file - Upload a file to the server.
• exit - Close the SFTP session.

rsync for Efficient Sync

Rsync is a powerful tool for synchronizing files and folders. It is efficient because it only copies changed files:

rsync -avz -e "ssh -p 7777" ./local/ user@server:/remote/

SSH Agent for Key Management

To avoid entering your passphrase every time, you can use an SSH agent:

Starting the Agent

Start the SSH agent with the following command:

eval "$(ssh-agent -s)"

Adding Key

Add your SSH key to the agent:

ssh-add ~/.ssh/id_ed25519

On macOS, you can store the key in the Keychain so you don't have to enter it every time:

ssh-add --apple-use-keychain ~/.ssh/id_ed25519

Troubleshooting

If you encounter issues connecting with SSH, here are some common error messages and solutions:

Permission denied (publickey)

• Check if your public key is correctly installed on the server.
• Verify the file permissions of your private key with:

chmod 600 ~/.ssh/id_ed25519

Connection refused

• Check if you are using the correct port.
• Verify that the server is reachable by performing a ping test:

ping server

Host key verification failed

• This may mean that the server key has changed, which could indicate a security issue.
• If you are sure the change is legitimate, you can remove the old key with:

ssh-keygen -R server

Related Articles

• Using WP-CLI via SSH
• Server Backup Strategy
• Activating SSH Access in DirectAdmin
• Using Composer via SSH

Need Help?

We are here for you! Are you facing any issues or do you have questions? Our support team is happy to assist you personally. Send us a message via the ticket system - we usually respond within a few hours and are happy to help.