SSH or Secure Shell is used to access Linux machines remotely. It is among the most useful and powerful utilities of Linux.

Checking if SSH is already installed
Most likely SSH does not need to be installed on your system because it is already install. To check if it is already installed:

$ which ssh

or

$ whereis ssh

Installing SSH
If it is not installed, the easiest way to install SSH is through a package manager:

$ yum install openssh-clients.i386

on Red Hat/Fedora

$ sudo apt-get install openssh-client

on Ubuntu

If you prefer to install SSH client manually, follow these steps: can be downloaded from www.openssh.com. To install, do the following:

1. download openssh from http://www.openssh.com
2. $ tar xzvf openssh-x.x.tgz
3. $ cd ssh
4. $ make obj
5. $ make cleandir
6. $ make depend
7. $ make
8. $ make install
9. $ cp /etc/ssh/ssh_config /etc/ssh/ssh_config_backup
10. $ cp /etc/ssh/sshd_config /etc/ssh/sshd_config_backup
11. $ cp ssh_config sshd_config /etc/ssh
12. $ mkdir /var/empty

Using SSH
To use, do type the following:

$ ssh -l username remote_address
$ ssh -l user 123.123.123.123

If you are using a port specific port e.g. 7878

$ ssh -l user 123.123.123.123 -p 7878

Using SSH for remote X windows
SSH can be used to open windows applications remotely. For remote X windows, use the -X option.

$ ssh -X -l user 123.123.123.123
$ xeyes &

xeyes is a X windows application. If you do not have xeyes installed on your server, simply install it using "yum install xeyes" or its equivalent for with apt-get.

Error: Can't open display
If you get the error "error: can't open display", you need to check whether the "X11Forwarding" feature is turned on in the SSH server. To check this, log onto the remote server with regular SSH and do the following:

$ locate sshd_config
/etc/ssh/sshd_config
$ vi /etc/ssh/sshd_config

Search the file for "X11Forwarding" and set it to "yes" it is not already set to yes:

X11Forwarding yes

Save file restart sshd service under Debian Linux (such as Ubuntu)

/etc/init.d/ssh restart

On Fedora / Red Hat Linux restart sshd:

$ /etc/init.d/sshd restart

If you the problem is still not solved, log into SSH in verbose mode as follows:

$ ssh -v -X user@host

You will get something like:

debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 123.124.125.126 [123.124.125.126] port 7878.
debug1: Connection established.
...
debug1: Requesting X11 forwarding with authentication spoofing.
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
debug1: Remote: No xauth program; cannot forward with spoofing.

If you get the error message "Remote: No xauth program; cannot forward with spoofing", xauth is either not installed or not linked properly. To fix this problem, do the following on the server:

$ whereis xauth
$ which xauth
/usr/bin/which: no xauth in (/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin)

If xauth is not installed, install xauth:

$ yum install xauth
or
$ sudo apt-get xauth

Check the path of the installation

$ which xauth
/usr/bin/xauth

If xauth is installed somewhere else such as "/usr/X11R6/bin/xauth", create a symbolic link to "/usr/local/bin"

$ ln -s /usr/X11R6/bin/xauth /usr/bin/xauth

Try verbose SSH again

$ ssh -v -X user@host

This time the last few lines should look something like the following:

debug1: Requesting X11 forwarding with authentication spoofing.
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
/usr/bin/xauth: creating new authority file /root/.Xauthority

Now type

$ xeyes &

and you should see a small window with two eyes following your mouse pointer.

When using ssh, if you get the following message, do not panic. Chances are nothing nasty has happened.

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
e2:7c:58:33:c5:c7:ce:75:a9:55:1a:ef:ef:d7:4b:fe.
Please contact your system administrator.
Add correct host key in /home/someone/.ssh/known_hosts to get rid of this message.
Offending key in /home/someone/.ssh/known_hosts:1
RSA host key for www.somesite.com has changed and you have requested strict checking.
Host key verification failed.

Most probably this means that the public key of the host has changed and the key stored in your cache is no longer valid. Simply do the following;

$ vi .ssh/known_hosts

Inside this file, remove the line which refers to the host, e.g. somesite.com. Save the file and start ssh again. That's it!