Let's begin this small journey into SSH!
If you have ever wondered how SSH works and why it is used so often, this post is for you. In this article I will explain what SSH actually is, what happens behind the scenes when you connect to a server, and why SSH became one of the most useful tools when working with hosts and servers.
I will also show you how to create SSH keys, establish a secure connection, and connect to your own host step by step. I will keep things simple and practical instead of making this feel like a boring textbook.
Why do people use SSH?
SSH is used almost everywhere when working with servers. Some common examples are:
- Connecting to remote Linux servers
- Managing VPS hosts
- Executing commands remotely
- Uploading and downloading files
- Using SSH keys instead of passwords
- Secure system administration
If you work with Linux or servers, you will probably use SSH very often.
How does SSH work behind the scenes?
When you start an SSH connection, a few things happen in the background:
1. Your computer contacts the remote server.
2. SSH starts a handshake process.
3. Encryption information is exchanged.
4. The server checks your identity.
5. A secure encrypted tunnel is created.
6. You can now safely execute commands on the server.
Creating SSH keys
Before we can securely connect to our server, we first need to generate SSH keys.
SSH creates two keys:
• Private key → stays on your computer and should never be shared.
• Public key → can be copied to the server safely.
You can think about it like a house key. The server knows which key is allowed to open the door, but only you should own the real key.
When we execute the `ssh-keygen` command in the terminal, SSH starts generating a new key pair. During this process, it asks where the keys should be stored and whether we want to protect them with an additional passphrase.
After the process finishes, two files are created automatically inside the `.ssh` directory:
• `id_ed25519` → your private key
• `id_ed25519.pub` → your public key
The private key stays on your machine, while the public key will later be copied to the server to allow secure authentication..
After generating the keys, we can check the `.ssh` directory and see the newly created files.
The `id_ed25519` file is the private key and it always stays on our computer. This key should never be shared with anyone.
The `id_ed25519.pub` file is the public key. Unlike the private key, this one can safely be copied to the remote server. SSH will later use both keys together to verify our identity and establish a secure connection.
Adding the public key to the server
Now that we have generated our SSH keys and identified both files, we need to add the public key to our remote server.
The public key can safely be shared because it cannot be used alone to gain access. We copy it to the server so it can recognize our machine during future SSH connections.
Once the server has our public key, SSH can verify our identity automatically and we no longer need to type a password every time.