{"id":12705,"date":"2025-12-20T12:12:18","date_gmt":"2025-12-20T06:42:18","guid":{"rendered":"https:\/\/www.youstable.com\/blog\/?p=12705"},"modified":"2025-12-24T16:17:37","modified_gmt":"2025-12-24T10:47:37","slug":"what-is-ssh-on-linux-server","status":"publish","type":"post","link":"https:\/\/www.youstable.com\/blog\/what-is-ssh-on-linux-server","title":{"rendered":"What is SSH on Linux Server? How to Secure Remote Linux Access"},"content":{"rendered":"\n<p><strong>SSH on a Linux server<\/strong> is a secure, encrypted protocol (Secure Shell) used to remotely access, manage, and transfer files between systems. It replaces insecure methods like Telnet by using public key cryptography and strong ciphers. With SSH, admins can log in, run commands, automate tasks, tunnel traffic, and securely administer servers over any network.<\/p>\n\n\n\n<p>If you manage infrastructure, understanding SSH on Linux server environments is essential. In this guide, you\u2019ll learn what SSH is, how it works, how to install and use it, and how to harden it for production.<\/p>\n\n\n\n<p>I\u2019ll share practical steps, battle-tested tips, and security best practices from 12+ years working with hosting, cloud, and Linux servers.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"what-is-ssh-and-how-it-works\"><strong>What is SSH and How it Works<\/strong>?<\/h2>\n\n\n\n<div class=\"wp-block-media-text has-media-on-the-right is-stacked-on-mobile\"><div class=\"wp-block-media-text__content\">\n<p>SSH (Secure Shell) is a cryptographic network protocol that provides secure remote login and command execution. On Linux, it\u2019s typically implemented by OpenSSH. SSH consists of a server daemon (<code>sshd<\/code>) that listens on a port (default 22) and a client (<code>ssh<\/code>) you run from your local machine.<\/p>\n<\/div><figure class=\"wp-block-media-text__media\"><img loading=\"lazy\" decoding=\"async\" width=\"1168\" height=\"784\" src=\"https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/What-Is-SSH-and-How-It-Works.png\" alt=\"What Is SSH and How It Works\" class=\"wp-image-13214 size-full\" srcset=\"https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/What-Is-SSH-and-How-It-Works.png 1168w, https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/What-Is-SSH-and-How-It-Works-150x101.png 150w\" sizes=\"auto, (max-width: 1168px) 100vw, 1168px\" \/><\/figure><\/div>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Encryption:<\/strong> Establishes a secure channel using asymmetric keys during handshake, then switches to fast symmetric ciphers.<\/li>\n\n\n\n<li><strong>Authentication: <\/strong>Validates users via passwords, public keys (recommended), or multi-factor methods.<\/li>\n\n\n\n<li><strong>Integrity: <\/strong>Ensures data isn\u2019t tampered with using MACs (message authentication codes).<\/li>\n\n\n\n<li><strong>Extensibility:<\/strong> Supports SFTP\/SCP for file transfer and tunneling for port forwarding.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"why-ssh-matters-for-server-administration\"><strong>Why SSH Matters for Server Administration<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Secure remote shell: <\/strong>Run commands, edit configs, and manage services from anywhere.<\/li>\n\n\n\n<li><strong>File transfer:<\/strong> Use SFTP\/SCP for encrypted uploads\/downloads and backups.<\/li>\n\n\n\n<li><strong>Automation: <\/strong>CI\/CD, Ansible, and scripts use SSH keys for passwordless access.<\/li>\n\n\n\n<li><strong>Tunneling: <\/strong>Securely expose internal services (databases, dashboards) without public access.<\/li>\n\n\n\n<li><strong>Auditing and control:<\/strong> Centralize access, restrict users, and log activity.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"install-and-enable-ssh-on-popular-linux-distros\"><strong>Install and Enable SSH on Popular Linux Distros<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"ubuntu-debian\"><strong>Ubuntu\/Debian<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo apt update\nsudo apt install -y openssh-server\nsudo systemctl <a href=\"https:\/\/www.youstable.com\/blog\/how-to-enable-ssh-access-for-clients-or-users\/\">enable --now ssh<\/a>\nsudo systemctl status ssh\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"rhel-centos-rocky-almalinux\"><strong>RHEL\/CentOS\/Rocky\/AlmaLinux<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo dnf install -y openssh-server\nsudo systemctl enable --now sshd\nsudo systemctl status sshd\n<\/code><\/pre>\n\n\n\n<p>Allow SSH in your firewall:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># UFW (Ubuntu\/Debian)\nsudo ufw allow 22\/tcp\nsudo ufw enable\n\n# firewalld (RHEL family)\nsudo firewall-cmd --permanent --add-service=ssh\nsudo firewall-cmd --reload\n<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"first-connection-and-essential-ssh-commands\"><strong>First Connection and Essential SSH Commands<\/strong><\/h2>\n\n\n\n<p>Replace <code>user<\/code> with your server user and <code>server<\/code> with the IP or hostname. The first connection will ask you to trust the host key fingerprint\u2014verify it via your provider or console before accepting.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Basic login\nssh user@server\n\n# Custom port\nssh -p 2222 user@server\n\n# Use a specific private key\nssh -i ~\/.ssh\/id_ed25519 user@server\n\n# Copy files\nscp file.txt user@server:\/var\/www\/\nscp -r site\/ user@server:\/var\/www\/site\/\n\n# SFTP interactive session\nsftp user@server\n\n# Rsync over SSH (efficient sync\/backup)\nrsync -avz -e \"ssh -p 22\" .\/localdir\/ user@server:\/backup\/localdir\/\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"ssh-keys-generate-deploy-and-manage\"><strong>SSH Keys: Generate, Deploy, and Manage<\/strong><\/h3>\n\n\n\n<p>Key-based authentication is the gold standard. It provides strong security and enables passwordless login. Prefer Ed25519 keys for modern, secure defaults.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Generate a key pair (use a strong passphrase when prompted)\nssh-keygen -t ed25519 -C \"you@example.com\"\n\n# Deploy your public key to the server (easiest method)\nssh-copy-id -i ~\/.ssh\/id_ed25519.pub user@server\n<\/code><\/pre>\n\n\n\n<p>Manual deployment (when <code>ssh-copy-id<\/code> isn\u2019t available):<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>mkdir -p ~\/.ssh &amp;&amp; chmod 700 ~\/.ssh\ncat ~\/id_ed25519.pub &gt;&gt; ~\/.ssh\/authorized_keys\nchmod 600 ~\/.ssh\/authorized_keys\n<\/code><\/pre>\n\n\n\n<p>Use an agent to cache decrypted keys during a session:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>eval \"$(ssh-agent -s)\"\nssh-add ~\/.ssh\/id_ed25519\n<\/code><\/pre>\n\n\n\n<p>Organize multiple servers with a per-host config to simplify commands:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># ~\/.ssh\/config\nHost prod-web\n  HostName 203.0.113.10\n  User ubuntu\n  Port 22\n  IdentityFile ~\/.ssh\/id_ed25519\n\nHost db-internal\n  HostName 10.0.1.10\n  User ec2-user\n  ProxyJump prod-bastion\n\nHost prod-bastion\n  HostName 203.0.113.20\n  User ec2-user\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"hardening-ssh-for-production\"><strong>Hardening SSH for Production<\/strong><\/h3>\n\n\n\n<p>Secure defaults vary by distro. Review and tighten <code>\/etc\/ssh\/sshd_config<\/code>, then reload SSH. Always keep a second session open when applying changes to prevent lockouts.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Common secure baseline (adjust to your environment)\nPort 22\nPermitRootLogin no\nPasswordAuthentication no\nPubkeyAuthentication yes\nAllowUsers ubuntu deploy\nMaxAuthTries 3\nLoginGraceTime 20\nClientAliveInterval 300\nClientAliveCountMax 2\nX11Forwarding no\nUsePAM yes\n<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code># Reload safely (Ubuntu\/Debian)\nsudo systemctl reload ssh\n\n# Reload safely (RHEL family)\nsudo systemctl reload sshd\n<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"should-you-change-the-default-port\"><strong>Should You Change the Default Port?<\/strong><\/h2>\n\n\n\n<p>Changing port 22 to a high, uncommon port reduces bot noise and log spam but does not replace real security controls. If you change it, adjust firewalls and, for SELinux, label the new port.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Example SELinux label for custom port 2222\nsudo semanage port -a -t ssh_port_t -p tcp 2222\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"disable-root-login\"><strong>Disable Root Login<\/strong><\/h3>\n\n\n\n<p>Use a non-root user with sudo. This reduces blast radius and improves auditability.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"enforce-key-based-logins\"><strong>Enforce Key-Based Logins<\/strong><\/h3>\n\n\n\n<p>Disable passwords in <code>sshd_config<\/code> with <code>PasswordAuthentication no<\/code>. Keep at least one working key verified before toggling this in production.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"limit-who-can-log-in\"><strong>Limit Who Can Log In<\/strong><\/h3>\n\n\n\n<p>Use <code>AllowUsers<\/code> or <code>AllowGroups<\/code> and restrict by IP at the firewall. Consider a bastion host and ProxyJump for <a href=\"https:\/\/www.youstable.com\/blog\/500-internal-server-error\/\">internal servers<\/a>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"rate-limit-and-block-attacks\"><strong>Rate-Limit and Block Attacks<\/strong><\/h3>\n\n\n\n<p>Fail2ban detects repeated failures and bans offending IPs automatically.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo apt <a href=\"https:\/\/www.youstable.com\/blog\/install-fail2ban-on-linux\/\">install -y fail2ban<\/a>   # or dnf install fail2ban\nsudo systemctl enable --now fail2ban\nsudo fail2ban-client status sshd\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"keep-openssh-updated\"><strong>Keep OpenSSH Updated<\/strong><\/h3>\n\n\n\n<p>Apply security updates regularly. For high-security environments, consider SSH certificates, hardware keys (FIDO2), and MFA via PAM (e.g., Google Authenticator or Duo).<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"ssh-tunneling-and-port-forwarding\"><strong>SSH Tunneling and Port Forwarding<\/strong><\/h3>\n\n\n\n<p>Tunneling is powerful for securely accessing internal services without exposing them to the internet.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Local forwarding (<code>-L<\/code>):<\/strong> Access a remote service locally.<\/li>\n\n\n\n<li><strong>Remote forwarding (<code>-R<\/code>):<\/strong> Expose your local service to the remote server.<\/li>\n\n\n\n<li><strong>Dynamic forwarding (<code>-D<\/code>)<\/strong>: Create a SOCKS proxy to route app traffic via SSH.<\/li>\n<\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code># Local: connect to remote DB at localhost:5432\nssh -L 5432:127.0.0.1:5432 user@server\n\n# Remote: share local web app at remote:8080\nssh -R 8080:127.0.0.1:80 user@server\n\n# Dynamic: start SOCKS proxy at local port 1080\nssh -D 1080 user@server\n<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"troubleshooting-ssh-quickly\"><strong>Troubleshooting SSH Quickly<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Permission denied (publickey):<\/strong> Check file permissions (<code>~\/.ssh<\/code> is 700, private key 600), ensure the right key is used, and verify <code>authorized_keys<\/code> content and ownership.<\/li>\n\n\n\n<li><strong>Connection refused\/timeouts:<\/strong> Confirm <code>sshd<\/code> is running and listening; check firewalls and security groups.<\/li>\n\n\n\n<li><strong>Host key verification failed:<\/strong> The server\u2019s key changed. Verify out-of-band and update <code>~\/.ssh\/known_hosts<\/code> if legitimate.<\/li>\n\n\n\n<li><strong>Debug with verbosity:<\/strong> <code>ssh -vvv user@server<\/code> to trace key negotiation and failures.<\/li>\n<\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code># Is sshd listening?\nsudo ss -tlpn | grep sshd\n\n# Logs\nsudo journalctl -u ssh -f        # Debian\/Ubuntu\nsudo journalctl -u sshd -f       # RHEL\/CentOS\/Rocky\/Alma\n<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"best-practices-checklist\"><strong>Best Practices Checklist<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Use Ed25519 keys with strong passphrases; manage with <code>ssh-agent<\/code>.<\/li>\n\n\n\n<li>Disable root login and password authentication.<\/li>\n\n\n\n<li>Restrict access by user\/group and at the firewall; consider a bastion host.<\/li>\n\n\n\n<li>Enable Fail2ban or equivalent; monitor logs and alerts.<\/li>\n\n\n\n<li>Keep OpenSSH and OS packages patched; rotate keys regularly.<\/li>\n\n\n\n<li>Use SSH config for consistency; tag hosts, set ports, and identities.<\/li>\n\n\n\n<li>Use port forwarding instead of exposing internal services publicly.<\/li>\n\n\n\n<li>Back up critical configs: <code>\/etc\/ssh\/sshd_config<\/code>, authorized keys, and <code>~\/.ssh\/config<\/code>.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"real-world-scenarios-and-tips\"><strong>Real-World Scenarios and Tips<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>CI\/CD deployments: <\/strong>Create a dedicated <code>deploy<\/code> user with limited permissions and a specific SSH key.<\/li>\n\n\n\n<li><strong>Multi-cloud fleets:<\/strong> Use a bastion (jump host) with <code>ProxyJump<\/code> and per-environment key policies.<\/li>\n\n\n\n<li><strong>Compliance needs: <\/strong>Enable verbose logging, centralize logs, and enforce MFA for privileged access.<\/li>\n\n\n\n<li><strong>Shared environments:<\/strong> Use <code>AllowGroups<\/code> and unique keys per user; never share private keys.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"faqs\"><strong>FAQs:<\/strong><\/h2>\n\n\n<div id=\"rank-math-faq\" class=\"rank-math-block\">\n<div class=\"rank-math-list \">\n<div id=\"faq-question-1765646225808\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"whats-the-difference-between-ssh-sftp-and-scp\"><strong>What\u2019s the difference between SSH, SFTP, and SCP?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>SSH is the secure remote login protocol. SFTP is a file transfer subsystem that runs over SSH, offering interactive and resumable transfers. SCP also runs over SSH but is simpler and less flexible than SFTP; many admins prefer rsync over SSH for efficient synchronization.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765646243500\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"is-changing-the-ssh-port-necessary-for-security\"><strong>Is changing the SSH port necessary for security?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>No. Changing the port reduces noise from bots but doesn\u2019t prevent targeted attacks. It\u2019s a minor hardening step. Real security comes from key-only authentication, disable root, firewall restrictions, rate limiting, MFA, and regular updates.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765646265316\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"how-do-i-fix-permission-denied-publickey\"><strong>How do I fix \u201cPermission denied (publickey)\u201d?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Ensure the correct key is being used (<code>-i<\/code> or <code>~\/.ssh\/config<\/code>), verify <code>~\/.ssh<\/code> permissions (700) and private key (600), confirm your public key exists in <code>~\/.ssh\/authorized_keys<\/code> with proper ownership, and check server logs. Try <code>ssh -vvv<\/code> for detailed negotiation output.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765646281354\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"how-can-i-allow-ssh-from-specific-ips-only\"><strong>How can I allow SSH from specific IPs only?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Use your firewall. For example with UFW: <code>sudo ufw allow from 203.0.113.5 to any port 22 proto tcp<\/code>. For broader setups, restrict at your cloud security groups or edge firewall, and optionally pair with a bastion host.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765646295670\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"can-i-use-ssh-on-windows\"><strong>Can I use SSH on Windows?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Yes. Windows 10\/11 includes an OpenSSH client (<code>ssh<\/code>) in PowerShell. GUI alternatives like PuTTY and WinSCP work well. Windows Subsystem for Linux (WSL) also provides a native Linux environment with OpenSSH tools.<\/p>\n\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>SSH on a Linux server is a secure, encrypted protocol (Secure Shell) used to remotely access, manage, and transfer files [&hellip;]<\/p>\n","protected":false},"author":21,"featured_media":15605,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"iawp_total_views":1,"footnotes":""},"categories":[350,1195],"tags":[],"class_list":["post-12705","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-knowledgebase","category-blogging"],"acf":[],"featured_image_src":"https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/What-is-SSH-on-Linux-Server-How-to-Secure-Remote-Linux-Access.jpg","author_info":{"display_name":"Sanjeet Chauhan","author_link":"https:\/\/www.youstable.com\/blog\/author\/sanjeet"},"_links":{"self":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/12705","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/users\/21"}],"replies":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/comments?post=12705"}],"version-history":[{"count":8,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/12705\/revisions"}],"predecessor-version":[{"id":15606,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/12705\/revisions\/15606"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/media\/15605"}],"wp:attachment":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/media?parent=12705"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/categories?post=12705"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/tags?post=12705"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}