Nano Ink

SSH — Secure Shell

A secure protocol to remotely access and manage servers

What is SSH?

SSH (Secure Shell) allows secure remote login, command execution, and file transfer between systems over an encrypted channel.

port
22

Basic SSH Command

ssh username@hostname

Example:
ssh root@192.168.1.10
ssh surya@myserver.com

Connect with Port

ssh -p 2222 username@server

Generate SSH Key

ssh-keygen

Default path:
~/.ssh/id_rsa

ssh-keygen -t rsa -b 4096

ssh user@server "uptime" ssh user@server "ls -l /var/www"

ssh-copy-id username@server

If ssh-copy-id not available:

cat ~/.ssh/id_rsa.pub | ssh user@server "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"

Option	Meaning
`-p`	specify port
`-i`	choose identity (key file)
`-v`	verbose debugging
`-X`	enable GUI forwarding
`-t`	force terminal

Example:

ssh -i ~/.ssh/custom_key user@server

SSH Config File (Time Saver!)

Location:

~/.ssh/config

Example:

Host myserver
   HostName 192.168.1.10
   User surya
   Port 22
   IdentityFile ~/.ssh/id_rsa

Now simply run:

ssh myserver

connected

📂 File Transfer Commands

Upload File → Server

scp file.txt user@server:/home/user/

Download File ← Server

scp user@server:/home/user/file.txt .

Copy Folder

scp -r folder user@server:/path/

⚡ Faster + Reliable Transfer (rsync)

rsync -avz file user@server:/path

Mirror directory:

rsync -avz --delete folder/ user@server:/path/

ssh user@server "uptime" ssh user@server "ls -l /var/www"

Reset SSH Service

Linux:

sudo systemctl restart ssh`

Or:

sudo service ssh restart

Check Port Listening

sudo netstat -tulpn | grep ssh

🛡️ Security Best Practices

Disable root login
Use SSH keys (avoid passwords)
Change default port
Enable fail2ban
Restrict IPs

Disable root login:
Edit:

sudo nano /etc/ssh/sshd_config

Change:

PermitRootLogin no

Restart SSH.

Quick Summary

SSH connects securely
Use ssh-keygen + ssh-copy-id
Use config file for shortcuts
SCP / rsync for file transfer
Tunneling for advanced usage

rsync — File Synchronization & Backup Tool

What is rsync?

rsync (Remote Sync) is used to copy and synchronize files/folders locally or between remote systems.
It is faster than scp because:

Transfers only differences
Supports resume
Preserves permissions & timestamps

🧾 Basic Syntax

rsync [options] source destination

Examples:

rsync file.txt /home/user/Desktop/
rsync myfolder/ backup/

Upload to Remote Server

rsync file.txt user@server:/path/

Directory:

rsync -av myfolder/ user@server:/path/

Download from Remote Server

rsync -av user@server:/path/file.txt .

Directory:

rsync -av user@server:/path/folder/ .

🧭 Important Options

Option	Meaning
`-a`	archive (preserves permissions, owner, time, recursive)
`-v`	verbose
`-z`	compress
`-P`	progress + resume
`--delete`	remove files not in source
`-r`	recursive (included in `-a`)

Most used combo

rsync -avzP source/ destination/

⚠️ Slash Rule (Very Important)

folder/ → only contents
folder → folder + contents
Example:

rsync -av Photos/ Backup/

Copies inside Photos → Backup/

rsync -av Photos Backup/

Creates:

Backup/Photos/

🔁 Mirror Exact Copy

Deletes extra files in destination:

rsync -av --delete source/ destination/

Use carefully!

🚀 Resume Large Transfers

rsync -avzP file.iso user@server:/path/

🎯 Exclude Files

Skip unwanted files:

rsync -av --exclude="*.log" folder/ backup/

Multiple:

rsync -av \
--exclude="node_modules" \
--exclude="*.tmp" \
project/ backup/

🔐 rsync Over SSH (Secure)

rsync -avz -e ssh folder/ user@server:/path/

Custom SSH Port:

rsync -avz -e "ssh -p 2222" folder/ user@server:/path/

🧪 Real Use Cases

1️⃣ Backup Home Directory

rsync -av ~/ Documents/Backup/

2️⃣ Deploy Website

rsync -avz site/ user@server:/var/www/html/

3️⃣ Sync External Drive

rsync -av /mnt/drive/ /backup/drive/

🧠 Safety Tip

Preview without making changes:

rsync -av --dry-run source/ destination/

🏆 Practice

1️⃣ Sync two folders
2️⃣ Test with / and without /
3️⃣ Try --delete carefully
4️⃣ Try remote sync

[!Summary]
rsync is powerful because it is:

Fast
Secure
Efficient
Backup-friendly
Ideal for DevOps & servers