Transcript from the "Exercise 10: Log onto your own server" Lesson
>> Jem Young: So now we're gonna log in. We're gonna log in to your very own personal server. All right, this is confusing so I'm gonna break it down for you. ssh, we know what that does, it's a way of logging in to a server. -i means identity, it's saying I wanna use this specific private key to log in to the server.
>> Jem Young: This first part is your username so right now your root because we don't have a user, so it's always gonna be root. And then paste in your SERVER_IP
>> Jem Young: So give everybody a minute to go ahead and do that and then I will demonstrate
>> Jem Young: how to do it?
[00:00:41] So if you're already in your SSH directory, you don't have to do the ~/.ssh/my_key, you can just say my_key, okay? So I'm just gonna go ahead and demonstrate this, clear ssh and pwd stands for print working directory just tells me where I am. Pwd always gets me because I think password every single time but it's print working directory.
[00:01:06] And just tells me I'm in ssh directory. So I'm just gonna say ssh-i my_key, think it's 2. And we're not using the public key, we're using the private key on this instance so we don't have a .pub. And on roots at, this is my server IP address but you're gonna have your own obviously.
>> Jem Young: And just say yes, what it's gonna do is it makes a fingerprint of the server and if that server ever changes the fingerprint changes it's gonna warn you every single time. Question?
>> Speaker 2: They're just asking with the -i does in that command.
>> Jem Young: Yes, -i stands for identity, it's just saying I want to use this key.
[00:01:45] Your particular private key to log in to your server.
>> Speaker 2: And then another question was about when they're getting this authenticity of the fingerprint message for the first time, do you just want to explain that to them?
>> Jem Young: Yes, so let me see if I can find that, let me exit out of here.
>> Jem Young: Ta-da, there we go. So we can look at the known host file.
>> Jem Young: Known hosts is a file on your computer kind of like a cache of places you've connected to with a specific fingerprint to that specific server. So just like DNS cache poisoning, someone could also trick your IP and you could hijack someone's computer.
[00:02:31] And when you hijack, say my server and I'm sh-ing in. If that identity ever changes, your computer will let you know. Because now at this point, we're sending through our private key and if someone steals your private key, then, well, they can get into all your stuff, especially if you're using your sh key.
[00:02:48] So that authentication screen where it says this is your identity, do you wanna connect? If you're ever connected to a server that you know and love and that comes up, you should say no. Because it shouldn't ever say that unless the server has changed and then your administrator will tell you that the server has changed.
[00:03:04] But that's a good tip, beware of that, let me just highlight that one more time. Yeah, so if you're connected to a server over ssh and this comes up and you're not familiar with why it's there? As in you don't know why the service changed, say no. Because again, we're sending our private key, over the wire this time.
[00:03:25] Okay? So.
>> Speaker 2: Typing it yes adds it to the known host file, right?
>> Jem Young: Yes.
>> Speaker 2: That's just kinda what.
>> Jem Young: Yeah. And it's a good security so that way, again, if that server ever changes unexpectedly, your computer will let you know before it sends over your private key.