Configuring and using SSH

To use SSH on your virtual machines, you must first have an installed SSH client on your host system. An SSH client is integrated into most Linux and OS X systems and can be accessed from the terminal interface. If you are using a Windows host, you will need to download and install a Windows terminal services client. One that is free and easy to use is PuTTY. PuTTY can be downloaded at http://www.putty.org/.

You will initially need to enable SSH directly from the terminal in the graphical desktop interface. This command will need to be run directly within the virtual machine client. With the exception of the Windows XP virtual machine, all of the other virtual machines in the lab are Linux distributions and should natively support SSH. The technique to enable this is the same in nearly all Linux distributions and is shown as follows:

The /etc/init.d/ssh start command will start the service. You will need to prepend sudo to this command if you are not logged in with root. If an error is received, it is possible that the SSH daemon has not been installed on the device. If this is the case, the command apt-get install ssh can be used to install the SSH daemon. Then, ifconfig can be used to acquire the IP address of the system, which will be used to establish the SSH connection. Once activated, it is now possible to access the VMware guest system using SSH from your host system. To do this, minimize the virtual machine and open your host's SSH client.

If you are using Mac OSX or Linux for your host system, the client can be called directly from the terminal. Alternatively, if you are running your VMs on a Windows host, you will need to use a terminal emulator such as PuTTY. In the following example, an SSH session is established by supplying the IP address of the Kali virtual machine:

DEMOSYS:~ jhutchens$ ssh root@172.16.36.244
The authenticity of host '172.16.36.244 (172.16.36.244)' can't be established.
RSA key fingerprint is c7:13:ed:c4:71:4f:89:53:5b:ee:cf:1f:40:06:d9:11.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.16.36.244' (RSA) to the list of known hosts.
root@172.16.36.244's password: 
Linux kali 3.7-trunk-686-pae #1 SMP Debian 3.7.2-0+kali5 i686

The programs included with the Kali GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Kali GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
root@kali:~#

The appropriate usage for the SSH client is ssh [user]@[IP address]. In the example provided, SSH will access the Kali system (identified by the provided IP address) using the root account. Since the host is not included in your list of known hosts, you will be prompted to confirm the connection the first time. To do this, enter the word, yes. You will then be prompted to enter the password for the root account. After entering it, you should be given remote shell access to the system. The same process can be accomplished in Windows by using PuTTY. This can be downloaded at the link provided in the Getting ready section of this recipe. Once downloaded, open PuTTY and enter the IP address of the virtual machine into the Host Name field and ensure that the SSH radio button is selected, as seen in the following screenshot:

Once the connection configurations have been set, click on the Open button to launch the session. We will then be prompted for the username and password. We should enter the credentials for the system that we are connecting to. Once the authentication process is completed, we will be granted remote terminal access to the system, as seen in the following screenshot:

It is possible to avoid having to authenticate every time by providing your public key into the authorized_keys file on the remote host. The process to do this is as follows:

root@kali:~# ls .ssh
ls: cannot access .ssh: No such file or directory
root@kali:~# mkdir .ssh
root@kali:~# cd .ssh/
root@kali:~/.ssh# nano authorized_keys

First, ensure that the .ssh hidden directory already exists in the root directory. To do this, use ls and the directory name. If it does not exist, use mkdir to create the directory. Then, use the cd command to change the current location into that directory. Then, create a file named authorized_keys using either Nano or VIM. If you are not familiar with how to use these text editors, see the Using text editors (VIM and Nano) recipe in this chapter. In this file, you should paste the public key used by your SSH client as follows:

DEMOSYS:~ jhutchens$ ssh root@172.16.36.244
Linux kali 3.7-trunk-686-pae #1 SMP Debian 3.7.2-0+kali5 i686

The programs included with the Kali GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Kali GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Sat May 10 22:38:31 2014 from 172.16.36.1
root@kali:~#

Once you have done this, you should be able to connect to SSH without having to supply the password for authentication.

SSH establishes an encrypted communication channel between the client and server. This channel can be used to provide remote management services and to securely transfer files with Secure Copy (SCP).