First we'll want to setup the SSH daemon so others can login to our computer remotely via SSH. Add one line to /etc/rc.conf
sshd_enable="YES"
Now let's start the SSH daemon (this will happen automatically at startup from now on).
/etc/rc.d/sshd start
This being your first time it'll say some stuff about an insecure startup and what not. It's just going to print out your fingerprints in the terminal, so if nobody who you don't want to see it is there, don't worry about it. Now that you have ssh running, you might as well log in from a different computer. You'll need your LAN IP address (ifconfig will work).
ssh 192.168.1.100 -l username
You'll need to change it to your IP address and username of course. Now you should get your login in the terminal, on that computer (hopefully it's running a decent shell). Now you're logged in. If you want you can set up SSH to allow passwordless logins. The best way to set it up ironically, is from one computer ssh logged in to the other one (as the user you would normally log in as). On your client computer issue these commands (as the user you want to use ssh with):
mkdir ~/.ssh
chmod 700 ~/.ssh
ssh-keygen -t dsa -f ~/.ssh/id_dsa -P ''
Now copy the id_dsa file over to the server. From the server run these commands:
cat id_dsa.pub >> ~/.ssh/authorized_keys2
chmod 0600 ~/.ssh/authorized_keys2
Now back on the client add the following lines to ~/.ssh/config
Host 192.168.1.101
IdentityFile ~/.ssh/id_dsa
Now you can close your current connection, and try to start another one with:
ssh 192.168.1.101 -l username
You should be logged in without having to type in your password. Now you can do the exact opposite if you want two way communications.
There is a nice little app scp that comes with ssh. It allows a secure upload of a file. I no longer have ftp access to my school account, so this is my new method of uploading files. Here's how it works.
scp file username@server:file
Now of course that just puts the file on the server, but you can ssh login to manipulate as you see fit.
To make SSH even more useful, check out our instructions here on providing access to network services such as SSH over the Internet. This will allow you to SSH login from your guest to your host computer by the web address you establish rather than the local IP address (which will normally only work on your home/office network).
To login to a host system with a no-ip address, you would do:
ssh -l username example.no-ip.info
Where "username" is your user account on the host system, and "example.no-ip.info" is the no-ip account you set up on the host system.
To securely upload a file to the host system with a no-ip account:
scp ~/file username@example.no-ip.info:file
Or, to securely download a file from the host system that has a no-ip account to your guest system:
scp username@example.no-ip.info:/usr/ports/UPDATING ~/Desktop/UPDATING
Which is the command I (Kevin) would use to download a copy of the file /usr/ports/UPDATING on my parents' FreeBSD computer to my Mac OS X system in another state so I can help troubleshoot a stubborn package that doesn't want to update properly. I can troubleshoot their system to my heart's content by logging in via ssh over the Internet thanks to their no-ip account.
By the way, wouldn't you like to be able to run all of your apps after ssh logging in? The following instructions will allow you to do just that. WARNING: do not attempt over an Internet connection! This will only work well on a local network. The Internet is too slow to give you any joy running remote X apps.
Remote X AppsNow we'll get some remote X applications running. Take note of course, this won't be very useful over the internet, but on a LAN. I suppose with two high speed connections some apps might work all right. By default, this feature is disabled (for security reasons). So, whenever you startx, you will need to invoke it with a special parameter.
startx -listen_tcp
This is for the Xserver which you will be running the remote apps on, but you might as well share between both computers. Now we need to use xhost.
xhost +192.168.1.101
Replace that IP address with the IP address of the computer which will be running the applications. That's the computer you're NOT sitting on, and the computer which will NOT display the apps. In my case my computer is 192.168.1.100 and the remote computer is 192.168.1.101. That's the convention I will follow. Now that we got that setup, let's login to the other computer.
ssh 192.168.1.101 -l username
If you did the last section (which you better have) you'll be familiar with that. I'll remind you once again, that that is the IP address of the computer which is running the applications. You should be greeted by the login prompt on that computer. Now we need to set the $DISPLAY variable. If you're using bash or zsh:
export DISPLAY=192.168.1.100:0.0
That IP address is the IP address of the computer you are sitting at. Now if you run any X applications from the terminal at which you are logged in on the other computer, they'll come to your screen. This can allow for some funny things, as I was running K3B and beep-media-player, however, they weren't very useful using the cdrom drives on my remote computer, or its speakers. In the next section we'll make this much more powerful using NFS. It'll give us a chance to use those our cdrom drives, in the remote X session.