Logging In to a Remote Linux or Unix System


Remote logins are a way of accessing the command line, processor, storage, and network resources of one computer, using another computer from somewhere else on a network.

They are one of the most powerful features of Unix-like operating systems, and one of the most important reasons for being able to use Linux at the console. After you master the command line, you will not only be able to use workstations or servers in the same room as you without need for graphics, but you will also be able to connect to and fully use nearly any machine worldwide that is running a Unix-like operating system, even on relatively slow dial-up connections, provided you have access to log in.

To illustrate, suppose you live in Chicago but are responsible for a Linux computer system on your company's network in San Francisco. The machine in San Francisco is in an old office building and is only connected via an ancient 14.4k modem to the Internet. In the past, this system was just a secretary's desktop computer, but the boss wants this computer system to be turned into a web server that dishes out a simple list of inventory numbers to a few other locations around the world.

Using remote logins of the type you're about to learn, you could connect to the computer in San Francisco, install a full-featured web server program such as Apache, edit its configuration files using vi or emacs, create web content for the server to display, remove the old password and data files used by the secretary, and place the system online to serve web pages to the few fellow employees around the world who have the correct password to access the data in questionall without ever leaving the Chicago office and all without needing the remote system to have broadband, ISDN, or a T1 connection, much less a human assistant with a telephone on the other end.

Remote logins generally involve two systems:

  • A client system from which the connection originates, and on which you will be running either the telnet or the ssh command.

  • A server system, on which a telnet or secure shell (ssh) server program accepts the incoming connection and provides the remote user with a command prompt. The telnet and ssh servers are the software systems that actually manage remote logins, providing remote login service to the connecting user.

Both telnet and ssh provide similar functionality. However, because telnet is not entirely secure, it is generally a good idea to use telnet only between two systems that lie behind the same corporate or personal firewall (that is, on the same local network), or when you absolutely must log in remotely to an older system on which ssh is unavailable. The ssh system is newer than telnet, and it encrypts its communications for much better security. You will sometimes find that older systems do not accept ssh requests, however, because they support only telnet.

Logging In to Remote Unix Systems Using telnet

Although the telnet command is less secure, it is the oldest, most widely supported method of logging in remotely to Unix-like operating systems. Nearly any Linux system, Unix system, or Unix-like system connected to a network is capable of offering remote logins using the telnet command, provided the network administrators haven't disabled it for security reasons. Unfortunately, telnet does not encrypt the data it sends over the network, so anything you do or anything you type (including your password) could conceivably be intercepted by a malicious user. Because of this, you should use telnet only behind a firewall, on a private network, or in cases where ssh (discussed in the next section) is absolutely unavailable.

To log in to a remote system using telnet, enter the telnet command supplying the domain name of the system you want to log in to as an argument. For example, to log in to a computer called workstation8.mycompany.com, you enter the following command:

 [you@workstation20 ~]$ telnet workstation8.mycompany.com Trying 192.168.242.36... Connected to 192.168.242.36. Escape character is '^]'. SunOS 4.1.3_U1 workstation8 login: 

Note that after the connection is made to the remote system in question, a very familiar login: prompt appears. The process of logging in after connecting with telnet is exactly the same as the process of logging in at the console of your local workstation, provided you have an account on the remote machine.

Fedora Core Turns Off telnet by Default

If you are following along with the chapter, using telnet to access a remote system, but the remote system in question is a Fedora Core 4 computer, you'll find that you get a message like this one:

 Trying whateverhost.com... telnet: connect to whateverhost.com: Connection refused telnet: Unable to connect to remote host: Connection refused 

The reason is that Fedora Core turns off the telnet server by default, due to its relatively insecure nature. When connecting to Fedora Core 4 hosts or any other newer host, use the ssh command discussed the next section. Only when ssh is unavailable, or when you are using older Unix systems, will you need to use telnet.


After you log in to the remote machine, any commands you execute affect only that machine rather than the machine you are logged in from (that is, the machine sitting in front of you). The range of commands available to you on the remote system will often seem familiar to you, given what you know about Linux so far; in many cases, they are the same commands and techniques you have been learning so far. On the other hand, you might at times find that you have logged in to a system whose commands do not seem familiar to you. In such cases, you need documentation for the operating system on the remote computer to be able to use it.

To log out of the remote machine again, use the logout command:

 SunOS:you@workstation8$ logout Connection closed by foreign host. [you@workstation20 ~]$ 

While you are working with remote logins, pay special attention to command prompts; the hostname of the machine you are currently working on is usually displayed in your command prompt. Though this is not the case for all remote systems (especially if the remote systems in question are not running one of Red Hat's Linux operating systems or command prompts have been specially altered), by watching the changes in command prompts, you can often determine whether you are working on your local system or on a remote system at any given moment. If you can't tell from the command prompt, you can use the hostname command (with no arguments) to print the name of the host on which you're working.

What to Do If Your Session Hangs

Sometimes when you are logged on to a remote system, something goes awry: You get caught in a runaway process or task that cannot be aborted, for example. In cases such as this, use the escape keystroke, ^] (Ctrl+]), to bring up a telnet> prompt. At this prompt, you can then type close to close the connection followed by quit to exit telnet.


Logging In Remotely Using ssh

For logins that occur using the public Internet and are great physical distances apart, the ssh or secure shell client is a better choice, if it is offered on the system to which you must connect, because ssh encrypts all exchanged data (including passwords). You should use ssh whenever possible in place of telnet.

To log in to a remote host using ssh, use the following command syntax:

 ssh -l login host 

Here, login represents the name of your login account on the remote system, and host indicates the domain name or IP address of the remote system. For example, if you have an account called jackhenry on a remote host at pc4.faraway.com, you log in with the following:

 [you@workstation20 ~]$ ssh -l jackhenry pc4.faraway.com 

Note that ssh tries to uniquely identify each remote host by keeping track of private identification information. If this is your first time logging in to a particular remote host with ssh, you get a message stating that the remote host's identity can't be verified:

 The authenticity of host 'pc4.faraway.com (10.4.3.3)' can't be established. RSA key fingerprint is 48:f5:8b:d2:87:50:53:43:df:e3:10:52:17:d6:14:26. Are you sure you want to continue connecting (yes/no)? 

Answering yes to this question adds the remote host to the list of known identities and you are prompted for your password:

 Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '10.4.3.3' (RSA) to the list of known hosts. jackhenry@10.4.3.3's password: 

After you enter your password, you are logged in and have access to the command prompt on the remote system. To log out again, you can use the logout command by typing logout at the command prompt and pressing Enter.

ssh Notifies You of Security Risks

If a remote system to which you have previously connected via ssh suddenly causes ssh to display an error message, stating that the identity information on file doesn't match, you know that either the remote host or the connection has been compromisedhijacked by malicious users to steal your data.

In such cases, always contact the network administrator of the remote system for further instruction before logging in.


Not Everyone Supports ssh, but Everyone Should

Not all hosts support ssh logins. If you find that ssh doesn't work for logging in to a host where you are supposed to have a remotely accessible account, you need to fall back to the telnet command, which should work for most hosts that accept remote logins and yet do not accept ssh logins. Even better, ask the network administrator of the remote host to add support for ssh, which is far more secure than telnet.




    SAMS Teach Yourself Red Hat(r) Fedora(tm) 4 Linux(r) All in One
    Cisco ASA and PIX Firewall Handbook
    ISBN: N/A
    EAN: 2147483647
    Year: 2006
    Pages: 311
    Authors: David Hucaby

    flylib.com © 2008-2017.
    If you may any questions please contact us: flylib@qtcs.net