SSH

Nest is hosted on a server over in Helsinki, Finland! Although I think that's pretty cool, it does pose a problem - I don't live in Helsinki, and you might not either. How are we supposed to access the server as if it's right in front of us? Say hello to SSH!

SSH stands for Secure Shell (Protocol), and it was rather fittingly first designed by a Finnish computer scientist in 1995, Tatu Ylönen. It allows you to run commands and transmit data over a secure and authenticated connection with another computer anywhere on the Internet. Perfect for Nest!

To start an SSH connection, you can run ssh [username]@<host>, where the username is optional (and defaults to your username on your computer), and the host is the domain or IP address of the computer you're trying to connect to. For example, running ssh orpheus@hackclub.appwill try to connect to the server at hackclub.app (Nest) as the user orpheus.

In order to be secure, SSH needs to make sure you're allowed to access the computer that you're trying to connect to. How does it do this? There are two different methods: password-based authentication and public-key authentication.

Password-Based Authentication

This is the simplest way to authenticate over SSH, but also the most insecure. With password-based authentication, it's just as if you're logging into your own computer, with a username and password. SSH will prompt you for the user's password, and if you enter in the correct one, it'll let you in. The danger is that this can be brute-forced if your password isn't strong. For this reason, password-based authentication is disabled on Nest, and you must use public-key authentication.

Public-Key Authentication

On the other hand, public-key authentication is very secure, but more complicted. With password-based authentication, you just have one password (key) that opens the door to the computer you want to connect to, and both you and the other computer have a copy of that key. In public-key authentication, you and the other computer each have a key pair. A key pair is composed of a public key and a private key.

When you start an SSH connection, your computer sends the other your public key, and they send you their public key. If the other computer doesn't have your public key listed as authorized, then it'll deny your request to connect. Your private key, which you should never share, is used to verify that you are the true owner of the public key you send.

If you've signed up for Nest, this is why you had to give Nest Bot your public key. Nest Bot puts your public key as authorized to connect to Nest as your user.

Once you've successfully authenticated yourself, a secure connection between you and the other computer will be established! You can now run any commands you wish, as if the other computer was right in front of you. See Linux for how to use the command line.

Whenever you're done, you can exit the SSH session with exit.