What is SSH? The Magic Of Remote WordPress Access
Did you know you can securely access your WordPress site remotely? But how is it done? By some magician’s trick? Actually, it’s called SSH — and now’s your chance to get to know it.Oct 2020: We tested all the best WordPress hosts! Find out how we compare.
It’s possible with a dash of login credentials, a sprinkle of an interface, and a pinch of a good network connection.
Then, like a good WordPress potion, everything works together and you’ll have a secure way of getting it all accomplished.
In this getting started guide, we’ll be going over all things WordPress SSH to get you started and familiar with how it operates.
Continue reading, or jump ahead using these links:
- What is SSH?
- Let’s Talk Client and Server
- When Do You Need To Use SSH?
- Prerequisites For SSH
- The Key(s) to Getting Started
- SSH Set Up
- What’s In Store Next?
- Similarities Between SSH and SFTP
- Connecting Client and Server
- SSH Commands
- SSH and FTP
- We’ll Fini(SSH) With This…
Though it looks like I’m trying to keep this under wraps (SSH can easily become confused with shhh), it’s no secret that by the time you get through this, you’ll be so comfortable knowing SSH that you can set it up and securely log in to your computer remotely.
You’ll also discover how the process can be simplified with good hosting.
Once you get the hang of SSH, you’ll see why it’s so popular and how remote access can make life easier for you (unlike some other things that are remote).
SSH is a UNIX-based command interface and protocol. It stands for ‘Secure Shell’ and is defined as a protocol for secure remote login and other secure network services over an insecure network.
It functions by using public-key cryptography for connection and authentication.
What this means is that you can use it to gain access to your WordPress website remotely from any computer.
It doesn’t matter where your site is hosted, as long as you have credentials to log in.
SSH is here to provide a secure login, to ensure nobody has access to your connection while you’re on it.
When you want to connect your server by using SSH, you just need two things:
- An interface
- Login Credentials
Something to keep in mind is if you’re running Linux or macOS, there is already an interface built into your operating system, so installing an SSH client isn’t necessary.
However, if you’re running Windows, you’ll have to install a client. More on that coming up…
To establish an SSH, there are two components: a client and the corresponding server.
A client is an application that you’ll install on your computer to connect with another computer (aka — server).
The client uses the remote host information to initiate a connection and, when the credentials are verified, establishes the encrypted connection.
Meanwhile, on the server-side, there’s a component defined as SSH daemon that is regularly listening to a specific TCP/IP port for potential client connection requests.
When a client initiates a connection, the SSH daemon will reply with the software and the protocol versions it supports.
Then, the two will exchange their identification data. If all is well and the credentials pan out, SSH creates a new session for the appropriate environment.
It’s almost as if the client and server were passing each other a briefcase. Any crook getting in between that wants to get into the briefcase can’t, because they don’t have a key.
This keeps the items in the briefcase secure until the client opens it up with a key, and is able to pass things back and forth securely.
With cloud servers becoming increasingly popular and affordable, more and more clients favor the use of a cloud server for their website.
That makes SSH the most commonly used tool to handle tasks of various degrees on cloud servers.
Some examples of when SSH might be used are when a developer sets up a web server for a website of a client, or to possibly deploy source code to a production server.
Before you can establish a secure remote desktop protocol with a remote machine, there are some requirements.
Here is the checklist:
Ensure you have the necessary permissions to access the remote computer.
The Firewall settings have to allow a remote connection.
Have the IP address or the name of the remote machine you want to connect up to.
The remote computer has to be turned on and have a network connection.
Client and server applications need to be installed and enabled.
Of course, to check some of these items off, you’ll need to know how to get set up in the first place.
On that note, here are…
You will have to set up SSH correctly to ensure you’re able to login to the cloud server from your local computer.
So, how do we go about doing that?
As I mentioned, if you have a Linux or macOS, a pair of public and private keys are already built into your operating system.
If you’re Windows-based, you’ll need to install a client to get started.
It’s free and easy to do. It’s just a matter of downloading a client to your system.
You can take a look at more comparisons and see what works best for you.
To get set up, we’ll need to generate the public and private keys pair.
In this example, I’m on a Mac OS, so I’ll be doing this from Terminal. The Terminal is located in Applications>Utilities>Terminal.
Once there, we will run this command:
ssh-keygen -t rsa
In this command, the -t option will allow you to specify what type of key to create. It’s typical to use RSA.
RSA is one of the earliest public-key cryptosystems and is widely used in secure data transmissions.
RSA is here by default, so there is nothing to change unless you specify something else.
Enter file in which to save the key (/Users/demo/.ssh/id_rsa):
Now you’ll enter the path where you’d like to store the public and private key pairs. On Mac OS X, typically they’re saved in the user’s home directory. However, save it anyplace you’d like.
Once you have it saved, next up is to enter a passphrase.
If you’re running this for the first time, keep it as the default value.
Enter passphrase (empty for no passphrase):
Type in a password to protect your private key. This is the password you’ll need to enter each time you access the private key.
If you don’t want a password, you can keep it empty.
Enter same passphrase again:
You’ll next confirm your password.
Once you do that, your identification is saved and you’ll get a confirmation and the key’s randomart image will appear on the line below.
It will also tell you where the public and private key is saved to above the image.
An example of the public key would be /Users/demo/.ssh/id_rsa.pub and /Users/demo/.ssh/id_rsa for the private key.
You’re moving right along now with SSH. You have your key, passcode, and the information stored in a location on your computer.
Note: If you’re on Windows, search online for “generate ssh keys windows” and you will get a list of tutorials showing you how to do this.
Here, for example, is one that came up for manually generating ssh keys in Windows using PuTTY.
Glad you asked. We need to ‘store’ the public key to the cloud server, so you can allow users access to your website.
Your hosting company should have an admin section for you to upload the public key. Every cloud service will be different, so you may have to reach out to yours for specific information on where to do this.
Since we offer hosting here at WPMU DEV, I’ll show you how to do this through our hosting service.
We make it simple and easy to store the public key and allow users access.
With our hosting, you’ll log in to your WPMU DEV account and go to The Hub 2.0, click on your website, and then click the Hosting tab.
You’ll see a bunch of tabs appear beneath. Click on SFTP/SSH.
This will give you the option to add an SFTP or SSH user. Click Add User.
Once you hit Add User, you’ll have a choice between SFTP or SSH.
Tough choice, huh?
If you’re wondering what the difference between an SFTP user and SSH user is, here is some clarification.
SFTP (SSH File Transfer Protocol) is a file transfer protocol that is built upon the SSH transport layer. It’s used to securely move large amounts of data over any given internet connection.
Of course, we defined it earlier, but just to refresh, SSH is a protocol that allows you to connect securely to a remote computer or server by using a text-based interface.
With SFTP, the protocol can’t exist without SSH, making SSH the binding agent that lets SFTP transfer files securely. Most SSH servers include SFTP capabilities, however, not all SFTP servers support SSH actions and commands.
They’re both used to transfer information securely, but unlike SFTP, SSH can exist on its own.
Many applications for SSH are remote command-line, remote command execution, and log in.
SFTP provides secure file access, file management, and file transfer over a data stream.
Alright, now that you know the differences, you can choose accordingly what type of user you’d like to add.
We’re going to stick with SSH for this tutorial.
Once you click on SSH User, a screen pops up with additional information to add for a new SSH user.
Here, you set up a Username, Password, Path Restriction (optional), and Environment.
In the Password section, you have the option of using a Public Key that we went over earlier (/Users/demo/.ssh/id_rsa.pub). Or, you can create your own password.
In the Path Restriction area, you can add restrictions for wp-content, Plugins, or Themes. By default, it’s on None.
In the Environment area, we’ll select Production.
After you get the information entered, your Users will appear on the SFTP/SSH dashboard.
It shows the Username, Environment, Type (e.g. SSH), Path Restrictions, and SSH Connection Info.
From this point, your users will have SSH access.
You can change your password and edit the user however you’d like in this area.
When you’re ready to log in, the Connection Info is where you can copy and paste the user name for configuration.
You would then paste or type this into your Terminal. After that, it will prompt you to enter a password.
If the username and password are correct, you’ll have access and a screen similar to the one below will appear.
You can now use commands and perform functions.
Setting up an SFTP User is similar to SSH. Just follow the prompts and, like our above example, it will then appear in your dashboard once successfully set up.
Now that you’re set up, refer back to our checklist at the beginning of this article. If you have your remote machine and your own computer set up with SSH, you should be in business!
To operate a remote machine, SSH is performed by commands. There are numerous command capabilities that you can use. Here’s a rundown…
You can run certain commands from one computer on a remote machine. This will enable you to copy files, list files in a certain directory, move files, and more.
This is more advanced and will require getting to know the commands and what ones do what.
However, once you know what each command does, you can then operate a system remotely with them.
Several examples of commands are:
ls will display the details of the files, such as the modified date and time, size, and permissions.
Cd is used to change directories. It will take you to the new directory and the command line indicates where you are.
Mkdir will create a new directory.
There are a lot of popular commands in SSH. A list of commands that are allowed with WPMU DEV hosting can be found on our SFTP & SSH information page.
It will be necessary for you to know commands if you’re going to be the one working with a computer remotely.
There are cheat sheets out there that can give you more insight and examples of what commands can do.
Something to keep in mind is SSH is a pretty powerful tool, so if you DO create commands, you have to be careful or you could break your site.
You can add and delete files, so if you enter a wrong command, you could lose content.
Be sure to backup your website before using commands and get familiar with how they function.
You may have heard about FTP as a method of transferring information remotely.
So, what’s the difference between SSH and FTP?
FTP (File Transfer Protocol) is a standard network protocol that is used to transfer files between a client and a server on a data network. File transfer connections are (typically) initiated by an FTP client and responded to by an FTP server.
Then, when authenticated, a connection occurs between the client and the server.
Any files and folders can be transferred to either direction between the connected computers.
It’s different from SSH for several reasons.
SSH is vastly more secure. When FTP was designed, network security wasn’t as important as it is today.
It wasn’t created to be secure and offers no protection for the privacy or integrity of the files that are being transferred. So, information can easily be intercepted.
And if you’re great at using Unix commands, then SSH is probably going to be your best choice. That being said, with FTP, you can use any favorite editor for file editing.
Also, for speed, SSH is quicker.
With FTP, you need to download files to your PC and then upload it to the server using FTP.
With SSH, getting files from server to server with commands is fast, once you learn what commands do what. You can download a library within seconds.
So, for a secure transfer of information, speed, and reliability, SSH is typically the best option.
Now that you’ve dabbled in SSH, you can securely set up your website remotely and have it worked on without being there.
As I showed you earlier in this article, setting up SSH with our hosting, it’s an easy way of doing it in The Hub 2.0. Plus, with our hosting, we offer 24/7 support, our award-winning premium plugins, advanced releases on updates, and much more!
As you can see, it IS like magic! Okay, in this day and age, maybe I won’t go that far. However, it is a great option for working on your WordPress site remotely.
Add in a dusting of great hosting (waving hand) and you’ll be in good SSH-ape — and I’ll stop with the play on words.