Written by: andre
Category: Linux Server Admin Guide

My SSH command collection (collected from the WWW)

  1. Enable automatic ssh login using a keyfile

    You might use the ssh-keygen program to create the keyfiles.
    This will enable SSH authentication without needing a password.

    Create an initial ~/.ssh/config file on the client, if not yet present:
    testuser@clienthost $ { echo 'Host *'; echo "IdentityFile ~/.ssh/`whoami`"; } > ~/.ssh/config && chmod 600 ~/.ssh/config
    On the CLIENT machine, create a private/public key pair, if not yet present.
    (This will create the files ~/.ssh/testuser and ~/.ssh/testuser.pub.)
    testuser@clienthost $ ssh-keygen -t rsa -f ~/.ssh/`whoami` && chmod 600 ~/.ssh/`whoami`
    Install your public key on the REMOTE machine:
    testuser@clienthost $ cat ~/.ssh/`whoami`.pub \
    | ssh remoteuser@remotehost 'cat >> ~/.ssh/authorized_keys'

    Or

    ssh-copy-id remoteuser@remotehost

    Final step: add your private key to your ssh-agent. Otherwise you will be prompted to enter your passphrase every time you try to connect to the remote host.

    ssh-add ~/.ssh/`whoami`
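
The `cat >> ~/.ssh/authorized_keys` step above assumes that ~/.ssh already exists on the remote side, and it appends a duplicate line on every run. The following added example (not part of the original collection; `install_pubkey` is a hypothetical helper name) does the same installation idempotently, with permissions that sshd's default `StrictModes yes` check accepts:

```shell
#!/bin/sh
# Added example, not from the original page. install_pubkey is a hypothetical helper.
# Usage: install_pubkey <public-key-file> [ssh-dir]   (ssh-dir defaults to ~/.ssh)
# Run it on the machine whose authorized_keys file should receive the key.
install_pubkey() {
    pub=$1
    dir=${2:-$HOME/.ssh}
    auth=$dir/authorized_keys

    [ -r "$pub" ] || { echo "cannot read $pub" >&2; return 1; }

    # A .pub file is exactly one line. This also catches the classic mistake
    # of passing the (multi-line) private key file instead of the .pub file.
    [ "$(grep -c '' "$pub")" -eq 1 ] || { echo "$pub: expected one line" >&2; return 2; }
    key=$(cat "$pub")
    case $key in
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *|sk-*\ *) ;;
        *) echo "$pub: not an OpenSSH public key" >&2; return 2 ;;
    esac

    # Create the directory and file with owner-only permissions, and tighten
    # them if they already existed with looser modes.
    ( umask 077; mkdir -p "$dir" && touch "$auth" ) || return 3
    chmod 700 "$dir" && chmod 600 "$auth" || return 3

    # If the existing file lacks a final newline, add one so the new key
    # does not get glued onto the previous entry.
    [ -z "$(tail -c 1 "$auth")" ] || echo >> "$auth"

    # Append only when this exact line is not already present.
    if grep -qxF -- "$key" "$auth"; then
        echo "key already present in $auth"
    else
        printf '%s\n' "$key" >> "$auth"
        echo "key added to $auth"
    fi
}
```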

  2. Create a tunneled proxy to a remote host

    ssh -N -L9080:localhost:80 theremotehost

    To browse to the remote machine, go to: http://localhost:9080/

  3. Connect machine A to machine B through machine C

    Scenario:
    Host A wants to connect to host B on port 443, but they cannot speak directly.
    A third host, C, can access B on port 443, and is able to ssh to host A.

    On host C, ssh to host A and create a tunnel that listens on A:1234 and forwards traffic to B:443.

    johndoe@host_C:~$ ssh -N -R 1234:host_B:443 johndoe@host_A

    On host A, localhost:1234 can now be used to access B:443 through the tunnel:

    johndoe@host_A:~$ wget --spider https://localhost:1234 --no-check-certificate 2>&1 | grep 200
    HTTP request sent, awaiting response... 200 OK

  4. Setup port forwarding to a remote host

    ssh theuser@remotehost -L 12345:localhost:80

    To access the remote service through the tunnel, visit: http://localhost:12345/
    (This is not limited to HTTP; any TCP-based protocol can be forwarded this way.)

  5. Compare a local file with a remote file

    ssh username@remotehost1 cat /path/to/remote-file | diff /path/to/local-file -

    Useful for checking if there are differences between local and remote files.

  6. Mount folder/filesystem through SSH

    sshfs username@remotehost1:/path/to/remotefolder /path/to/localmountpoint

    See the sshfs website for installation instructions and documentation.
    This is very convenient: the remote folder becomes accessible like a local directory.

  7. SSH connection through host in the middle

    ssh -t username@remotehost1 ssh endpointhost

    This chains the ssh connections. Useful when you are not permitted to access the endpointhost from your current host, but can reach it from remotehost1.

  8. Copy from host1 to host2, through your host

    ssh username1@remotehost1 "cd /somedir/tocopy/ && tar -cf - ." | ssh username2@remotehost2 "cd /samedir/tocopyto/ && tar -xf -"

    Good if only you have access to remotehost1 and remotehost2, while they have no access to your host and no direct access to each other.

  9. Run a GUI tunnelled

    ssh -fX username@remotehost1 xclock

    The SSH server configuration requires:

    X11Forwarding yes

  10. Resume scp of a big file

    rsync --partial --progress --rsh=ssh /path/to/localfile username@remotehost1:/path/to/remotefile

    rsync can resume a broken or interrupted transfer.

  11. Throttle bandwidth with cstream

    tar -cjf - /local/file | cstream -t 123k | ssh username@remotehost1 "tar -xjf - -C /remote/path"

    This copies a compressed folder over the network to username@remotehost1 at 123k bit/s.