Simplifying SSH

Most experienced Linux users are familiar with Secure Shell (SSH), with some being regular users. The protocol supports encrypted connections with remote devices via TCP/IP according to the client-server principle. Typically, you connect to servers that do not have a graphical user interface (GUI). However, with the appropriate bandwidth, you can manage tools with a GUI using X forwarding.

Easier than SecPanel

Most Windows users are familiar with the PuTTY open source terminal emulator as an interface for SSH, whereas Linux users usually interface with SSH on the command line. Although PuTTY is also available for Linux, SecPanel [1], which has been under development for many years, has gained better acceptance in the Linux world (Figure 1).

Figure 1: Although SecPanel offers more functions than EasySSH, it is also more complicated in daily use.

SecPanel stores frequently used connections in profiles and creates them at the push of a button. If you are looking for a less complex alternative, EasySSH [2] is worth a look. When installing EasySSH, it is important to make sure that you download the correct tool (see the box "Same Names").

Even if you prefer to work at the command line, it makes sense to automate repetitive steps, such as establishing an SSH connection. The more servers you contact, the more useful you will find an easy-to-use GUI tool that remembers each host's data.

Restrictions

EasySSH, which has only been under development for a few months, currently has a major limitation: To reduce the act of opening an SSH connection to a single mouse click, the program saves the access credentials, including the password, in plaintext in the local configuration file. Consequently, it is only suitable for computers that are in a trusted environment or that have an encrypted disk. However, the developer has promised that the configuration file will soon be encrypted and protected by a master password. Once security can be guaranteed, there is no drawback to using this program.

Since EasySSH is not found in the package sources of major distributions at this time, you must install it manually. For easier installation, you can use a Flatpak (current version 1.3.4) available on Flathub [3], the Flatpak app store. Additionally, Arch Linux users can download EasySSH from the AUR.

Flatpak Installation

To install from Flathub, go to the Flatpak Quick Setup [4] and follow the instructions for your distribution. Next, reboot your system. Gnome users should then be able to install the program with Gnome Software (Figure 2); KDE supports the integration of Flatpak applications as of Plasma 5.13 in the Discover graphical package manager.

Figure 2: Flathub is the central app store for Flatpaks. First configure access to this parallel ecosystem and then install EasySSH.

Installation at the command line is faster. To do this, enter the

flatpak install flathub com.github.muriloventuroso.easyssh

command as a normal user. The system first imports the required run-time environments and then EasySSH itself. The run times offer benefits with later Flatpak installations.

How It Works

Once installed, start EasySSH. The main window has a lot of empty space, which is only interrupted by the name of the program and the Add Connection button in the middle. Clicking on the hamburger menu at top right opens a frugal Preferences dialog, which is divided into General and Appearance tabs (Figure 3).

Figure 3: Clicking on the EasySSH hamburger menu lets you access a dialog to configure the application.

Under General, you can define the storage location of the host configuration. By default, this is /var/lib/flatpak, with the configuration folder itself (as for all Flatpaks) residing in the user's home directory under ~/.var/app.

Initially, you do not need to change anything here. It is also possible to synchronize the SSH configuration under /var/lib/flatpak/apps/. In the Appearance tab, you can set a dark theme as default, the color of the terminal background, and the terminal font.

New Connection

To set up a new connection, just click on the corresponding button or the plus sign in the upper left-hand corner. A dialog will then appear prompting you for the information required to establish an SSH connection. You are free to choose your name and group. Organizing this in groups improves the overview if you use several accounts on one server. The host, port, user, and password details are then queried (Figure 4).

Figure 4: A new connection is quickly created. EasySSH stores all necessary access data and reduces the connection overhead to a single mouse click.

A more secure way to connect to servers via SSH is to replace the password with an asynchronous cryptographic key pair, commonly known as an SSH key. The public key is on the server, while the private key remains on the local computer from which you connect.

Alternatively, EasySSH supports the following method: Select the Change Password to Identity File checkbox (Figure 5) in the Edit Connection dialog. Navigate to the public key with the .pub extension, which is located in ~/.ssh by default (see the "Tip" box), and select it.

Figure 5: Clicking the checkbox lets you use an SSH key, which is more secure than a password.

If you do not yet have a key pair or want to create a new pair for EasySSH, then run

ssh-keygen -t rsa -b 4096

in the terminal. (See instructions online (e.g., [5]) for more information on creating SSH keys).

Multiple Connections

After saving the data, a bar appears on the right, listing all the connections you entered (sorted by group and name). A click on an entry lets you delete, edit, and open a connection. If the login information is correct, a terminal opens that, if a password is used, establishes the connection in a tab without further prompting (Figure 6).

Figure 6: EasySSH opens the SSH connection with a single mouse click. Keep in mind, the password currently appears in plaintext.

If you entered an SSH key in the settings, the software prompts you for the matching password in the terminal (if you protected the key). A click on the plus sign in front of the tab opens a second connection to the same server.

Tunneled

If you enter a new connection and click on Advanced below it, you will see another functionality of EasySSH: It is capable of establishing SSH tunnels, which means you can forward a local network port to another port or the same port on a remote computer. The data is routed through a secure SSH connection between the two computers.

Forwarding ends either at the remote computer (the gateway) or at another computer behind the gateway. Building a tunnel makes sense, for example, if you work on unsecured networks while traveling (e.g., in a hotel or Internet café) and therefore require an encrypted transfer option.

Many universities and companies also block outside access to important computers in the network, for which you can use a tunnel through which you first connect to a server. To do this, establish a tunneled connection manually in the terminal as shown in Listing 1. In EasySSH, enter the local and destination ports for Source Port and Destination.

ssh -L <local port>:<target computer>:<target port> -l <user name> <gateway>

Conclusions

EasySSH provides a single-click SSH connection manager. According to the developer, the program does not need any future improvements: The application does its job without any recognizable bugs. It quickly becomes apparent that the developer first took his own application scenarios into account in developing EasySSH. However, the repository on GitHub is very active, which gives hope for a quick remedy to this program's initial teething issues.

In practice, EasySSH is simple and easy to use. Although some important functions are still missing (e.g., password encryption), EasySSH is worth keeping an eye on for future developments.