Skip to content
(+381) 60 3535 720
My account
BeoHosting
BeoHosting
My accountContact
(+381) 60 3535 720
 
Technical

How to Use SSH to Manage a Server

BeoHosting Team··12 min read read
How to Use SSH to Manage a Server

What SSH is and why it matters

SSH (Secure Shell) is a network protocol that enables secure communication between two computers over an insecure network. In the context of web hosting, SSH lets you connect to your server and manage it via the command line - install software, edit configuration files, restart services, view logs, and perform all administrative tasks.

Before SSH, administrators used the Telnet protocol that sent all data (including passwords) in an unencrypted form. SSH replaced Telnet by bringing encryption to the entire communication, meaning no one eavesdropping on network traffic can see what you do on the server or steal your access credentials.

SSH works on a client-server architecture principle. Your computer (client) runs an SSH client program that connects to the SSH server (daemon) running on the remote server, usually on port 22. After authentication, you get access to the server's command line as if you were sitting in front of it.

SSH clients

To connect to a server via SSH, you need an SSH client program on your computer.

Linux and macOS - Terminal

Linux and macOS come with a built-in SSH client. Open the Terminal application and use the command: ssh user@server-ip-address. For example: ssh root@185.210.45.67. The system will ask for your password (or use an SSH key if configured). After successful authentication, you'll see the server's command prompt and can start working.

Windows - PuTTY

PuTTY is the most popular free SSH client for Windows. Download it from the official site (putty.org) and run it. In the "Host Name" field enter the server's IP address, leave the port at 22, select "SSH" as the connection type, and click "Open". A terminal window will appear with a prompt for username and password.

Windows 10/11 - built-in SSH

Newer Windows versions (10 and 11) come with a built-in OpenSSH client. Open PowerShell or Command Prompt and use the same ssh command as on Linux. This is a simpler approach than PuTTY because it doesn't require installing additional software and uses the same interface as Linux/macOS.

Advanced clients

For users who work with multiple servers daily, advanced clients like Termius, MobaXterm, or Royal TSX offer additional features: saving connections, an SFTP file manager, tabs for multiple sessions, a snippet manager, and integration with cloud platforms.

Basic SSH configuration

Proper SSH connection configuration saves you time and improves security.

SSH config file

On Linux and macOS, you can create a ~/.ssh/config file that stores settings for your servers. Instead of typing the full command with IP address, username, and port every time, you can define aliases. For example, you can define a "myserver" alias with Host, HostName (IP address), User (username), Port, and IdentityFile (path to the SSH key). After that, it's enough to type ssh myserver and everything will be applied automatically.

Changing the default port

SSH uses port 22 by default. Changing to a different port (for example 2222 or another non-standard port) reduces the number of automated attacks because most bots only scan port 22. This isn't a real security measure (security through obscurity), but it effectively reduces "noise" in logs. Change the port in the /etc/ssh/sshd_config file on the server.

SSH key authentication

Key authentication is more secure and more convenient than using passwords. Instead of remembering and typing a password every time, you use a cryptographic key pair.

How it works

An SSH key pair consists of a private key (which stays on your computer and is never shared) and a public key (which is placed on the server). When you connect, the server sends a challenge that only the owner of the private key can solve. Your SSH client uses the private key to sign, the server verifies the signature with the public key, and - if they match - authentication is successful. The password is never transmitted over the network.

Generating a key

On Linux and macOS use the ssh-keygen command to generate a key. We recommend the Ed25519 algorithm, which is modern, fast, and secure. The command will ask where to save the key (default ~/.ssh/id_ed25519) and whether you want a passphrase (an additional password to protect the key - recommended). Two files will be created: the private key and the public key with a .pub extension.

Placing the public key on the server

The public key should be copied to the server in the ~/.ssh/authorized_keys file of the user you're connecting as. The easiest way is the ssh-copy-id command, which automatically copies your public key to the server. Alternatively, you can manually add the contents of the .pub file to authorized_keys on the server.

Disabling password

Once you confirm SSH keys work, it's recommended to disable password authentication on the server by editing the sshd_config file and setting PasswordAuthentication to no. This dramatically increases security because bots can't guess the password - the only way to access is by possessing the private key.

Most important SSH commands

Here are the commands you'll use most often on the server.

Navigation and files

  • ls -la: Lists files in the directory with detailed information (permissions, owner, size, date).
  • cd /path/to/directory: Changes the active directory.
  • pwd: Shows the current directory.
  • cat file.txt: Displays the contents of a file in the terminal.
  • nano file.txt: Opens a file in the nano editor for editing. Ctrl+O to save, Ctrl+X to exit.
  • cp source destination: Copies a file. Add -r for directories.
  • mv source destination: Moves or renames a file or directory.
  • rm file: Deletes a file. rm -rf directory deletes a directory with all its contents (be careful with this command!).
  • chmod 755 file: Changes file permissions (755 = owner all, group/others read and execute).
  • chown user:group file: Changes file ownership.

System and services

  • top or htop: Shows active processes and resource usage (CPU, RAM) in real time.
  • df -h: Shows disk usage in a readable format.
  • free -h: Shows memory (RAM) usage.
  • systemctl status nginx: Shows the status of a service (nginx, mysql, php-fpm, etc.).
  • systemctl restart nginx: Restarts a service.
  • journalctl -u nginx -f: Tails service logs in real time.
  • tail -f /var/log/syslog: Tails the system log in real time.

Network

  • ping domain.com: Tests the connection to a server or domain.
  • curl -I https://domain.com: Shows the HTTP headers of a site (useful for checking redirects and headers).
  • netstat -tulpn: Shows all active network connections and listening ports.
  • dig domain.com: A DNS query that shows DNS records for a domain.

File transfer

The SSH protocol also enables secure file transfer between your computer and the server.

SCP (Secure Copy)

SCP uses SSH to copy files. To upload a file to the server use scp local_file user@server:/path/on/server. To download from the server use scp user@server:/path/on/server/file ./local_directory. To copy entire directories add the -r flag. SCP is simple but doesn't offer advanced features like resuming interrupted transfers.

SFTP (SSH File Transfer Protocol)

SFTP is an interactive file transfer protocol that runs over SSH. You can use it from a terminal with the sftp user@server command or through graphical clients like FileZilla, WinSCP, or Cyberduck. SFTP offers directory navigation, file browsing, upload/download with interrupted transfer resuming, and permission management - all over a secure SSH connection.

rsync

rsync is a more advanced file synchronization tool that transfers only changes (the delta) instead of entire files. It's ideal for backup and synchronizing large amounts of data. The command rsync -avz --progress source user@server:/destination synchronizes a local directory with a server one, transferring only changed files. rsync also supports compression during transfer and resuming interrupted operations.

SSH security recommendations

  • Use SSH keys: Always prefer keys over passwords. Disable password authentication after setting up keys.
  • Restrict access: Use AllowUsers or AllowGroups in sshd_config to restrict which users can access SSH.
  • Fail2ban: Install fail2ban, which automatically blocks IP addresses after a certain number of failed login attempts.
  • Update regularly: Keep the SSH server (OpenSSH) up to date because security vulnerabilities are occasionally discovered and patched.
  • Protect the private key: Never share the private key. Set a passphrase on the key. Keep a backup in a safe place.
  • Disable root access: Set PermitRootLogin to no or prohibit-password and use sudo for administrative tasks.

Conclusion

SSH is the fundamental tool for server management, and every VPS or dedicated server owner should learn the basic SSH commands. Start with simple tasks like viewing logs and restarting services, then gradually move to advanced configurations like SSH keys and firewall configuration. With practice, the command line becomes faster and more efficient than any graphical interface. At BeoHosting, all our VPS plans come with SSH access and full root control, and our support team is always available to help with configuration and security setup.

BeoHosting Team

10+ years of experience — Web hosting and infrastructure specialists

  • Web Hosting
  • WordPress Hosting
  • VPS
  • Dedicated Serveri
  • Domeni
  • SSL
  • cPanel
  • LiteSpeed
  • Linux administracija
  • DNS

Last updated:

Related articles

What Is cPanel - A Guide with Examples

1. avgust 2025.

What Is HTTP/3 and How It Speeds Up Your Site

31. jul 2025.

How to Use FTP - FileZilla Beginner Guide

22. jul 2025.
Back to blogMore from category: Technical