Connect with SSH
Last updated
Last updated
Connecting remotely to a staking machine, whether it's hosted by a cloud provider (AWS, etc.) or running in your home is most often achieved using SSH (Secure Shell).
SSH is a command line tool that allows direct access to a remote machine. This tutorial will cover:
This tutorial won't cover the networking setup required to get a static IP, hostname and/or VPN as those are covered in other tutorials.
While SSH on its own is a great tool, there are some limitations that can be frustrating when connecting over a poor internet connection. For example, if the internet drops even for a second (if you're in a moving car or train) or you change WiFi networks, the SSH connection will be closed.
When you installed Linux on your staking machine the installation options should have asked if you would like to install SSH during the setup process.
To check if SSH is installed on your staking machine run the command:
If SSH is installed you should see a response showing the installed version:
If you get an error or don't see the version output then it's likely that the SSH server is not installed. When you want to install any new packages to your Linux system it's best practice to make sure that your current packages are up to date for security purposes:
Then install openssh-server
:
If you are using UFW as your firewall and have restricted incoming and outgoing connections then you will need to add the SSH port to allow remote connections (replacing <SSH_PORT>
with the configured SSH port - the default port is 22
):
Once you have confirmed SSH is installed on your staking machine, you can connect from a different machine using the command:
For example: ssh eridian@186:204:70:208
This command attempts to connect with your user's username at the specific IP address (or Host Name) of your staking machine.
You may get a prompt saying something like "You haven't connected to this machine before, do you want to trust it?" to which you should submit Yes
as the response.
At this point, if everything is configured correctly, you should be prompted to input your password. This is the password you use to log in with your staking machine user.
If you are using a different port for your SSH connection then you can specify the port when connecting using:
Benefits of using Mosh:
If you have an intermittent internet connection (e.g. a mobile connection or you're in a moving vehicle) a standard SSH connection will fail whenever the connection is lost. The connection must then be manually re-established, which can be annoying if it happens often and you are using additional security steps such as 2FA. Mosh allows connections to be dropped and automatically re-established when the internet signal reconnects.
Mosh uses a predictive interface for typing commands into the console. Standard SSH only shows the typed command once it has returned from the remote server. If you have a slow connection, this can be perceived as a laggy/slow interface. Mosh displays the text as you type commands, giving a much nicer user experience.
Limitations of using Mosh:
A limitation you will notice when using Mosh is that you can't scroll back up the terminal history. This is due to the way Mosh only renders the current screen, which has some performance advantages but can be frustrating if you miss something and can't scroll back to see it.
The Mosh package should be installed on both sides of the connection. That means both your staking machine and the machine you want to connect from (e.g. your everyday computer) will need Moshβ installed.
Install Mosh on your staking machine:
If you are using UFW, allowing Mosh ports through the firewall:
Mosh uses the same connection method as SSH, so once it is installed and the ports have been allowed it should be as simple as connecting with the command:
If you have changed the default SSH port you can specific the port used by Mosh using the command:
The Blink Shellβ mobile app for iOS allows you to connect to your staking machine using both SSH and Mosh.
On your device (iPhone or iPad) open the Blink Shell app and type:
Keys & Certificates can be added if you are using an SSH key for your connections:
Hosts can be configured so you have an alias command e.g. ssh validator
that you can use with preconfigured settings
iCloud sync can be turned off if you don't want your SSH keys and passwords to be stored in iCLoud.
Auto Lock is a useful feature to add additional security to your portable device.
And that's it! You can now connect to your home staking validator remotely from your iOS device πΊοΈ
For additional security, SSH keys can be used alongside or instead of your username/password authentication when connecting to your staking machine.
Follow the instructions here to generate SSH keys: https://linuxconfig.org/how-to-generate-and-manage-ssh-keys-on-linux
The default port configured is 22
for SSH connections. If you want to change the default port for any reason (e.g. due to port forwarding on your router or the port being used by another service) follow these steps:
Open the /etc/ssh/sshd_config
file and locate the line:
Uncomment that line (by removing the leading #
character) and change the value with an appropriate port number (for example, 22000):
Save the change.
Restart the SSH server:
To confirm the port has been updated correctly run:
The result should show the new port number: