
M30A - SSH Foundation

Master the Secure Shell (SSH) protocol to securely connect to remote servers, and implement key-based authentication to eliminate passwords.

What you should be able to do after this
  • Master the Secure Shell (SSH) protocol to securely connect to remote servers, and implement key-based authentication to eliminate passwords.

Teleportation

Everything you have learned so far assumed you were sitting directly in front of the computer. In the real world, the servers you manage are in data centers hundreds or thousands of miles away.

You must securely project your terminal across the internet.

The industry standard tool for this is SSH (Secure Shell). It creates an encrypted tunnel between your laptop and the remote server. Anyone listening on the internet only sees scrambled mathematical noise.

(Note: Windows 10/11 now includes the OpenSSH client natively, so the commands are identical on both platforms!)


1. The Basic Connection

To connect, you need the remote server’s IP address (or domain name) and the username you want to log in as.

Basic SSH Syntax

ssh [username]@[IP_Address]

ssh admin@192.168.1.100

You can also use domain names

ssh root@myserver.com

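When you connect for the very first time, your computer will show the server's key fingerprint and ask: Are you sure you want to continue connecting (yes/no)? It is recording the server's unique fingerprint (in ~/.ssh/known_hosts) so that it can warn you if a different machine ever answers at that address, ensuring you aren't being tricked by a hacker next time. This first connection is the one moment SSH cannot verify the server for you, so if you have the server's fingerprint from a trusted source, compare it with the one in the prompt. Type yes.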

You will then be asked for the user’s password.
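How the fingerprint in that first-connection prompt is derived from the server's public host key, and how to compare it against a fingerprint obtained from a trusted source. This is an added example, not part of the original lesson; the key bytes are constructed sample data and the function names are hypothetical.

```python
import base64
import hashlib
import struct


def ssh_string(data: bytes) -> bytes:
    """Encode bytes as an SSH wire-format string: 4-byte length, then data."""
    return struct.pack(">I", len(data)) + data


def make_sample_key_line(raw_key: bytes) -> str:
    """Build a CONSTRUCTED 'ssh-ed25519 <base64>' line (not a real host key)."""
    blob = ssh_string(b"ssh-ed25519") + ssh_string(raw_key)
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " sample-host"


def fingerprint(pubkey_line: str) -> str:
    """Return the SHA256 fingerprint in the form the ssh prompt displays."""
    fields = pubkey_line.split()
    if len(fields) < 2:
        raise ValueError("expected '<key-type> <base64-blob> [comment]'")
    key_type, blob = fields[0], base64.b64decode(fields[1], validate=True)
    if len(blob) < 4:
        raise ValueError("key blob too short")
    # The blob begins with the key type as an SSH string; reject a mismatch.
    (name_len,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + name_len] != key_type.encode():
        raise ValueError("key type does not match key blob")
    digest = hashlib.sha256(blob).digest()
    # OpenSSH prints the digest as unpadded base64 after "SHA256:".
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def host_key_matches(pubkey_line: str, trusted_fingerprint: str) -> bool:
    """True only if the presented key hashes to the trusted fingerprint."""
    return fingerprint(pubkey_line) == trusted_fingerprint.strip()


# Constructed sample data standing in for two different servers' host keys.
SERVER_KEY = make_sample_key_line(bytes(range(32)))
IMPOSTOR_KEY = make_sample_key_line(bytes(range(1, 33)))
# Stand-in for the fingerprint read from the server's console or provider panel.
TRUSTED = fingerprint(SERVER_KEY)

if __name__ == "__main__":
    print("presented fingerprint:", fingerprint(SERVER_KEY))
    print("expected server accepted:", host_key_matches(SERVER_KEY, TRUSTED))
    print("impostor accepted:", host_key_matches(IMPOSTOR_KEY, TRUSTED))
```

On the server itself, ssh-keygen -lf /etc/ssh/ssh_host_ed25519_key.pub prints the real fingerprint to compare against the prompt.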

💀 The Password Danger

If you put a Linux server on the internet with a weak password, a botnet will guess the password via brute-force in less than 48 hours. Human passwords are fundamentally insecure for remote server administration.


2. Cryptographic Keys (No More Passwords)

Expert operators do not use passwords to log into servers. They use Key Pairs.

A Key Pair consists of two mathematically linked files:

  1. The Private Key: A massive, unguessable string of characters that stays securely on your laptop. Never share this with anyone.
  2. The Public Key: A string you can safely give to the world (or put on a server).

When you try to log in, the server issues a mathematical challenge that can only be solved if you possess the Private Key. The Private Key itself never leaves your laptop, and unlike a password it cannot be guessed with modern brute-force techniques.

Step 1: Generate the Keys

Run this on your local laptop:

Generate an SSH Key Pair

Generate a modern, secure ED25519 key

ssh-keygen -t ed25519 -C "your_email@example.com"

Press Enter to save it to the default location (~/.ssh/id_ed25519)

Optional: It will ask for a passphrase to encrypt the key itself.

Step 2: Push the Public Key to the Server

Now, you must copy the contents of the .pub file to the remote server, appending them to a specific file inside a hidden folder (~/.ssh/authorized_keys).

Windows PowerShell doesn’t have an automated tool for this. You have to push it manually or use bash via WSL.

Manual Copy (PowerShell)

Read your public key, send it over SSH, and append it to the file on the server

Get-Content ~/.ssh/id_ed25519.pub | ssh user@192.168.1.100 "cat >> ~/.ssh/authorized_keys"

Linux has a brilliant automated script.

Automated Copy (ssh-copy-id)

ssh-copy-id user@192.168.1.100

It will ask for the password one last time.

Step 3: Log In Instantly

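Type ssh user@192.168.1.100 again. You will be logged in instantly without typing a password. You have achieved cryptographic authentication. Note that the server keeps accepting password logins alongside keys until password authentication is turned off in its SSH server configuration (PasswordAuthentication no in sshd_config).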


3. The SSH Config File (Shortcuts)

If you manage 10 different servers, typing ssh production-user-service-account@10.25.100.41 -p 2255 -i ~/.ssh/special_key every day is exhausting.

You can save all of these settings in a configuration file on your laptop.

Open (or create) the file ~/.ssh/config using a text editor (Notepad, nano, VS Code).

# ~/.ssh/config contents
Host web-prod
    HostName 10.25.100.41
    User production-user-service-account
    Port 2255
    IdentityFile ~/.ssh/special_key

Host home-pi
    HostName 192.168.1.50
    User pi

Using the Config Shortcut

Now, to log into that massive production server, you just type:

ssh web-prod

What You Just Learned

  • ssh user@IP projects your terminal onto a remote computer.
  • Passwords on the internet are dangerous.
  • ssh-keygen creates a Private and Public key pair that cannot be brute-forced the way a password can.
  • ssh-copy-id copies the secure Public key to the remote server.
  • The ~/.ssh/config file acts as your address book, storing complex usernames, custom ports, and specific keys behind simple shortcut names.

You can now connect to servers anywhere in the world. Next, we look at how those servers locate each other using DNS.