Many guides on Null Byte require using the Secure Shell (SSH) to connect to a remote server. Unfortunately for beginners, learning to use SSH can become a confusing mix of third-party programs and native OS support. For Chrome OS users, using SSH is even more difficult. We'll fix this by using the Chrome Secure Shell app to establish an SSH connection from any device that can run a Chrome browser.
The Secure Shell Chrome application provides PuTTy-like functionality for those that are familiar with the third-party Windows software. The app is an xterm-compatible terminal emulator and stand-alone SSH client for Chrome. It works by combining the SSH command ported to the Google Native Client with the hterm terminal emulator, which allows the app to provide a Secure Shell client within the browser without relying on external proxies.
In just a few minutes, you'll be able to establish an SSH connection from your Chrome browser. For obvious reasons, you're going to need to install the Chrome browser, so make sure to download Chrome if you don't already have it installed.
To begin, we need to download the Secure Shell app from the Chrome Web Store. After navigating to the link in your Chrome browser, click on the "Add To Chrome" button in the top right-hand corner of the popup window.
Following that, a dialog window will appear asking you to confirm that you want to add the app. Click "Add app" to install the application.
The app will then begin downloading, and it shouldn't take more than a minute or two to finish installing. If you're still in the Chrome Web Store, then a new "Launch App" button will appear where the "Add To Chrome" button was formerly.
In addition, you can also open the SSH app by navigating to the apps screen. This can be done by opening a new tab in the Chrome browser and clicking on "Apps" in the top left-hand corner or putting chrome://apps/ into the search bar at the top of the screen. Once there, you should see the "Secure Shell" icon in your list of apps. Click the icon to open the app.
Another method (and the easiest) to open a Secure Shell is to simply type SSH into the search bar at the top of the browser, and then press space and enter, which will directly open a Secure Shell tab.
Now that we have the Secure Shell app open and running, it's simple to establish an SSH connection. In the SSH screen, there will be a window with several settings available. Look at the first setting, and ensure that "New Connection" is selected by clicking on it so that it looks like the image below.
Next, type a name for your new connection in the top text box which says "username@hostname or free-form text." This name can be anything, so try to pick the most accurate name that will help you remember which connection goes to which device. For example, you might use "retroPie" or "Basement media server," as even a somewhat specific name like "Raspberry Pi" can become confusing when you have more than one Pi.
Alternatively, you can simply begin typing the connection into the name bar, and it will automatically fill in the proper boxes below. Otherwise, you will need to fill each box in manually.
In the "Username" box, you should put the username for the server you're connecting to. Some common default usernames are "root" and "pi."
The hostname should be the web domain or IP address of the server you wish to connect to. In my case, I'm connecting to my Android phone, which is on my local Wi-Fi network. Because this is the case, I'll be using use my Android phone's local IP address of "192.168.0.13." After that, a port needs to be selected. The default port number for SSH connections is 22, but this can be easily changed, so your server may use a different port.
Once all of the required information has been entered, click the "Connect" button at the bottom of the window or press enter. After the first time you make a connection, you'll only need to select the name of the connection in the box to connect again, as the app will remember all of the login details.
Perhaps the most exciting feature to use with the Secure Shell app is it allows you to establish an SSH connection in a matter of seconds by simply typing in the search bar at the top of the browser. To do this, you can use the following format, which is the same as you might use in a macOS or Linux terminal window.
Upon a successful connection, you will see the always-familiar terminal window appear. The first time you connect to a server, you will be provided with a key fingerprint that you need to accept. This fingerprint is used for easy identification and verification that the server you are connecting to is legitimate.
The fingerprint should be the same every time you log in to the same system. If you ever get a message that the fingerprint has changed, it's a warning sign that someone is interfering with the connection. After accepting the fingerprint, you'll be prompted to enter your credentials, just like any other SSH connection.
That's it! You've successfully used your Chrome browser to establish a SSH connection.
Passwords aren't the only way to authenticate an SSH connection. The other most common method is called public key authentication. This method uses a cryptographic key pair, one public and one private, in place of a password. The public key is configured on the server to authorize server access to those users with a copy of the private key.
Using key-based authentication adds an extra layer of convenience when a human is connecting by eliminating the requirement to input a password. The key exchange is considered to be the password instead. Key authentication is also the de-facto way to set up an automated SSH connection, such as automated file transfers.
Secure Shell includes the ability to employ key-based authentication, which it calls "identity files." To import identity files from the connection screen, click on "Import" and select your public and private keys.
The private key should not have a file extension, while the public key should have the PUB extension. For example, you might have "id_rsa" as your private key and "id_rsa.pub" as your public key.
If the key pair is stored in a PEM file, you must split it into two files before importing. This can be by opening the PEM file in a text editor and copy and pasting each key into a new document. Without doing this, the app will not accept it. The PEM file will look something like this:
-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----
-----BEGIN PUBLIC KEY-----
-----END PUBLIC KEY-----
Save the new documents under the original filename. For example, "id_rsa.pub" would be the file name for the public key.
If you ever wish to delete any of these keys because they are no longer valid, navigate to the connection screen, and select the identity associated with that key from the drop-down menu. Now, press the Delete key. This will remove both the private and public key files from the HTML5 filesystem.
The Secure Shell Chrome app is a wonderful little tool to make the lives of developers, programmers, and hackers easier when connecting to remote devices. The ability to use SSH directly from your Chrome browser is not a groundbreaking feat, but it adds cross-platform convenience to using SSH that cannot be understated. For Chrome OS users in particular, the Secure Shell app is the best way for you to be able to establish an SSH connection.
Thanks for reading! If you have any questions, you can ask me here or on Twitter @The_Hoid.