SSH
Learn how to use SSH client commands for secure remote access, verify connections, and manage SSH agent settings. Essential SSH commands for developers.
SSH Client Commands
SSH Client Basics
The Secure Shell (SSH) protocol is a fundamental tool for secure remote access to servers and other network devices. This guide covers essential SSH client commands and configurations for developers.
SSH Version Check
To check the installed SSH client version, use the following command:
ssh -V
Verify SSH Connection
You can verify your SSH connection, especially for services like Git, with a simple test command:
ssh -T git@github.com
This command attempts to establish a connection to GitHub's Git service and should return a success message if your authentication is set up correctly.
Configuring SSH Agent for Profile
To streamline SSH authentication and avoid repeatedly entering passphrases, you can configure your shell profile to manage the SSH agent. Add the following lines to your .profile
(preferred for POSIX compatibility) or .bash_profile
:
# SSH Agent Configuration
eval $(ssh-agent -s)
ssh-add ~/.ssh/your_private_key # Replace with your actual private key file
trap $(kill $SSH_AGENT_PID) EXIT
Explanation:
eval $(ssh-agent -s)
: Starts the SSH agent in the background and sets environment variables for the current shell session.ssh-add ~/.ssh/your_private_key
: Adds your private SSH key to the agent. You will be prompted for the passphrase if your key is protected.trap $(kill $SSH_AGENT_PID) EXIT
: Ensures that the SSH agent is terminated when you log out of your shell session, enhancing security.
.bash_profile
is specific to bash, while.profile
is a more generic POSIX-compliant shell configuration file. Bash typically looks for.bash_profile
first, and if it doesn't exist, it falls back to.profile
.The correct way to spawn ssh-agent for a standard POSIX-compatible shell is
eval $(ssh-agent -s)
. It's also crucial to ensure the agent is properly cleaned up upon logout by includingtrap 'kill $SSH_AGENT_PID' EXIT
after starting the agent.A more comprehensive approach for managing SSH agent environment variables, especially in environments like Cygwin, is provided below:
SSH_ENV="$HOME/.ssh/environment"
function start_agent {
echo "Initialising new SSH agent..."
/usr/bin/ssh-agent | sed 's/^echo/#echo/' > "${SSH_ENV}"
echo succeeded
chmod 600 "${SSH_ENV}"
. "${SSH_ENV}" > /dev/null
/usr/bin/ssh-add;
}
# Source SSH settings, if applicable
if [ -f "${SSH_ENV}" ]; then
. "${SSH_ENV}" > /dev/null
# ps ${SSH_AGENT_PID} doesn't work under cygwin
ps -ef | grep ${SSH_AGENT_PID} | grep ssh-agent$ > /dev/null || {
start_agent;
}
else
start_agent;
fi
Key SSH Concepts
SSH provides a secure channel over an unsecured network, enabling secure file transfers (SCP, SFTP) and remote command execution. Understanding how to manage your SSH keys and agent is vital for efficient and secure development workflows.
References
- Using ssh-agent with ssh - A detailed guide on SSH agent usage.
- Start ssh-agent on login - Stack Overflow discussion on automating SSH agent startup.
- How can I run ssh-add automatically, without a password prompt? - Unix Stack Exchange for managing SSH keys securely.
- MDN Web Docs: SSH - General information on SSH from Mozilla Developer Network.