Setting up Secure Shell on your Raspberry Pi

Why you want to access your raspberry pi with SSH?

The Secure SHell (SSH) is a program that allows us to access and use our RaspberryPi  remotely. This allows us to place our raspi anywhere at a remote a location, access and use our raspi from anywhere in the world.  The raspi needs to be connected to internet. We can connect the raspi to the internet in several ways.

The best thing about using SSH is that it is SECURE. It encrypts all the data that flows between our machine and our remote raspi.

Just to share some basic information.

  • We set up a SSH SERVER (and that’s a software ) on the machine that we want to access remotely.
  • Such a machine is what the techies call a server.
  • We also install a SSH CLIENT on our own laptop or computer machine.
  • We use the SSH Client to connect to the SSH Server.
  • The SSH server helps us do things on the Server machine.
  • Common open source SSH Clients are PUTTY, OpenSSH and others.
  • And with me, you will only get recommendation for open source software.
  • I love to use open source and feel great to be a part of the community.

And now we will continue with more details about setting it up on our raspi.

Two machines are involved and they need to have the two software on them

  1. SSH Server

    1. The machine you plan to access remotely. This is where you will need to install the SSH server.
    2. So that when the SSH client contacts the IP address on which your raspi is setup, it is able to accept your request for connecting to it.

  2. SSH Client

    1. The machine which we use to access the remote raspi.
    2. The SSH client I like to use is Putty. It is tried and tested, it is open source, has great community support and is totally free.
    3. And then, the commands we type into the client will be executed on the server (your raspi here).  That’s the majesticity of working remotely.
    4. The commands we use are the linux shell commands. These are very easy to learn and need some practice. But are not complicated at all once you get a hang of it. You may want to register and download the cheatsheet here or do a quick certification here.
    5. So when we use Putty ( the SSH client) and once we are able to authenticate ourselves and login to the remote machine, it will provide us a shell om our local machines for the commands that will be executed on the remote raspbian machine.
    6. There is a nice quick tutorial on Putty on youtube.com that you can use watch for a quick recap and quick learning. In teh tutorial the lady requires you to have a linux server. Guess what, you already have it in your raspberry pi. So you do not need that part.
    7. And one more thing here, the basic SSH provides only a terminal interface. It is not a GUI.
    8. We can do work on the remote machine with the GUI as well. We will need another software for it. That is not covered in this blog.

SSH Requirements :

  1. Both the machine connect and communicate over the internet. And so should also be connected to the internet.
  2. We must have an SSH client program on the client machine.
  3. The remote machine being controlled must be running the SSH server.
  4. This is a default feature on raspbian servers (your raspi).
  5. Which means that when you boot up your raspi, the ssh server is running by default and waits for an incoming connection request from the ssh client we are using to connect to it.
  6. We must have an account on the server machine or create one.
  7. We will need to create one on your raspi if we don’t have one.
  8. We could use the default admin username and password. But it is not advisable.
  9. It is best to have a separate username and password for remote access.
  10. Any firewall must allow ssh requests to go through as well. Which means the SSH port (port 22) should be open whereever the server machines are placed for both, the clients and for the servers.
  11. And if we are in our homes. Then we will need to open up  port 22 on our WIFI router. If you have kept all the ports on your router open, then you are good. Otherwise, we will need to make sure that port 22 is open.

Running the SSH Client (Putty)

  1. Open a terminal (LXTerminal) and type the following command : ssh <username>@domainname>
  2. <username> is your username on the server machine
  3. <domainname> is the address of hte server machine
  4. When trying to login for the first time, you will get a message that the address could not be authenticated.
  5. Enter “yes” to continue, as long as you are sure of the address. It wants you to confirm the address.
  6. And it will remember it for the next time.
  7. Enter the password. The server will prompt you for the password. You will see the server’s command-line prompt.

Raspberry Pi SSH Server

  1. As already discussed, this is useful to access our raspi without connecting it to a monitor and keyboard (geeks call it headless mode).
  2. This is also the way we connect remotely.
  3. The ssh server should be running when we boot our raspi by default. There is nothing you need to do to turn is on.
  4. It is up and running and waiting for a connection on the SSH port. It is running by default on the raspberry pi.
  5. One thing we must do before we start using it is to change the private host ID keys. Otherwise they will have the default values and those can be dangerous because any one can use the default keys and login to our raspi just as easily as we can.
  6. Run this command to change the private host ID keys : sudo rm /etc/ssh/ssh_host_* && sudo dpkg-reconfigure openssh-server

And now we are ready to go… next thing we will need to know is what to do after login in.

🙂 We will leave it for another time…

Happy Reading and Learning !!!