Another common recommendation is to disable root logins with the PermitRootLogin no in sshd_config. This is one of those debatable security measures. Allowing SSH root logins over the Internet is definitely unwise. On your LAN, there are times when it is convenient to allow root logins.
Running Remote Applications
With SSH you can run remote applications. This is faster than running a whole remote graphical desktop, and any new files that are created by the application stay on the remote PC. I use this most often for Kmail; I can run it from any computer in the house and all my mail stays on the “master” computer. Use this command to run remote graphical applications:
Running Remote Applications
With SSH you can run remote applications. This is faster than running a whole remote graphical desktop, and any new files that are created by the application stay on the remote PC. I use this most often for Kmail; I can run it from any computer in the house and all my mail stays on the “master” computer. Use this command to run remote graphical applications:
$ ssh -Y carla@remotepc
carla@remotepc’s password:
[snip gobs of output]
Last login: Wed Oct 14 08:21:04 2009 from 192.168.2.21
carla@remotepc:~$
carla@remotepc’s password:
[snip gobs of output]
Last login: Wed Oct 14 08:21:04 2009 from 192.168.2.21
carla@remotepc:~$
Now all I do is enter kmail on the carla@remotepc command prompt. I can run any application that is installed on the remote PC, and open multiple SSH sessions. All files remain on the remote PC. The -Y switch makes it possible to run graphical apps over SSH. You have to specify the username and remote host. If you don’t have name services set up, use the IP address.
What if you don’t remember the IP address and don’t feel like walking over to the other PC to find out? Use nmap to scan your LAN and report addresses and hostnames:
$ nmap -sP 192.168.1.*
Starting Nmap 5.00 ( http://nmap.org ) at 2009-10-14 09:47 CDT
Host computer.lan.net (192.168.1.50) is up (0.0023s latency).
Host 192.168.1.221 is up (0.0017s latency).
Host 192.168.1.227 is up (0.042s latency).
Host otherpc.lan.net (192.168.1.189) is up (0.058s latency).
Nmap done: 256 IP addresses (4 hosts up) scanned in 10.57 second
Host computer.lan.net (192.168.1.50) is up (0.0023s latency).
Host 192.168.1.221 is up (0.0017s latency).
Host 192.168.1.227 is up (0.042s latency).
Host otherpc.lan.net (192.168.1.189) is up (0.058s latency).
Nmap done: 256 IP addresses (4 hosts up) scanned in 10.57 second
When you’re finished with your SSH session close your remote apps and type exit to log out.
SSHFS For Sharing Whole Directories
SSHFS operates the other way from SSH– it mounts remote directories locally, so you can open and edit files just as though they were on your local machine. It doesn’t matter what applications are installed on the remote PC because you’re not using them, you’re using local apps. Installing SSHFS is easy, complicated mainly by inconsistent package names. On Debian and Ubuntu it’s sshfs. On Fedora it’s fuse-sshfs. On PCLinuxOS sshfs-fuse. Whatever, we’re just dumb lusers and distro maintainers don’t need to worry about us.
SSHFS For Sharing Whole Directories
SSHFS operates the other way from SSH– it mounts remote directories locally, so you can open and edit files just as though they were on your local machine. It doesn’t matter what applications are installed on the remote PC because you’re not using them, you’re using local apps. Installing SSHFS is easy, complicated mainly by inconsistent package names. On Debian and Ubuntu it’s sshfs. On Fedora it’s fuse-sshfs. On PCLinuxOS sshfs-fuse. Whatever, we’re just dumb lusers and distro maintainers don’t need to worry about us.
But I digress. Install whatever SSHFS package your distro uses, and then you may need to add your login to the fuse group. Either edit /etc/group or use your graphical user and groups manager. Log out and then log back in.
Now you’re all ready. First create a local directory for the mountpoint. Do this is your home directory to avoid permissions drama:
$ mkdir remotestuff
Now you can mount any remote directory from any remote machine that you have permissions to access. I just mount my entire remote home directory:
$ sshfs carla@remotepc:/home/carla remotestuff/
You’ll be asked for your remote password, and that’s all there is to it. Now the local remotestuff directory has all the contents of the remote home directory, and files can be copied, edited, and moved around just as though it were a local directory.
