SSH Command Examples
Secure Shell (SSH) Command Usage
The Secure Shell (SSH) protocol is a fundamental tool for secure remote access and command execution. This guide provides practical examples of common SSH commands, covering authentication, port forwarding, tunneling, and file transfer techniques. Mastering these commands is essential for developers and system administrators working with remote servers.
SSH Authentication with PEM Files
When connecting to servers that require key-based authentication, you often use a Private Encrypted Key (PEM) file. Ensure your PEM file has the correct permissions (typically 0600) for security. The following command demonstrates how to specify a PEM file during an SSH connection:
ssh -i <pemfile> <user>@<host>Connecting on Non-Standard Ports
SSH typically uses port 22. If your server is configured to listen on a different port, you can specify it using the -p option:
ssh -p <port> <user>@<host>SSH Agent Forwarding
Agent forwarding allows you to use your local SSH keys on a remote server without copying them. This is useful for chaining SSH connections or accessing resources that require your local authentication. Use the -A flag:
ssh -A <user>@<host>Executing Remote Commands
You can execute a single command on a remote server and then exit the SSH session. The -t option forces pseudo-terminal allocation, which is often necessary for interactive commands:
ssh -t <user>@<host> 'the-remote-command'Advanced SSH Configurations
SSH offers extensive configuration options. For instance, you can specify key exchange algorithms to ensure compatibility or security. Consult your SSH manual page (man ssh_config) for a full list of options:
ssh -oKeXAlgorithms=+diffie-hellman-group-exchange-sha1 <user>@<server>SSH Tunneling and Port Forwarding
SSH can be used to create secure tunnels for various purposes, including forwarding X sessions for graphical applications or creating SOCKS proxies. The -X flag enables X11 forwarding:
ssh -X <user>@<host>To redirect traffic from a local port to a remote destination through an SSH server:
ssh -f -L 8080:remote.example.com:5000 user@personal.server.com -NTo create a SOCKS proxy on your local machine:
ssh -qND <port> <user>@<host>Tunneling an SSH session through a SOCKS proxy:
ssh -o "ProxyCommand nc -x 127.0.0.1:9999 -X 4 %h %p" <user>@<host>Launching Remote X Applications
Combine X11 forwarding with remote command execution to launch graphical applications on the server and display them locally:
ssh -X -t <user>@<host> 'chromium-browser'SSH Compression and Encryption
For slower networks, compressing data can improve performance. You can also specify encryption algorithms. The -C flag enables compression, and -c blowfish selects the Blowfish cipher:
ssh <user>@<host> -C -c blowfish -XSecure File Transfer with Tar over SSH
When rsync is not available, you can use tar with SSH to copy files and directories. This example copies assets from a remote host to the current directory:
ssh <user>@<host> "cd /var/www/Shared/; tar zcf - asset1 asset2" | tar zxf -Mounting Remote Filesystems with SSHFS
SSHFS (SSH File System) allows you to mount a remote directory over SSH, making it appear as a local filesystem. You'll need to install SSHFS first:
# Install SSHFS from https://github.com/libfuse/sshfs
sshfs <user>@<host>:/path/to/folder /path/to/mount/pointAccessing Remote Files with Emacs
Emacs provides built-in support for editing files over SSH. Refer to the Emacs manual for detailed information on remote file access:
# Doc: http://www.gnu.org/software/emacs/manual/html_node/emacs/Remote-Files.html
emacs /ssh:<user>@<host>:<file>